Purpleteam is a security regression testing CLI and SaaS targeting Web applications and APIs. The CLI is specifically targeted at sitting within your build pipelines but can also be run manually. The SaaS that does the security testing of your applications and/or APIs can be deployed anywhere. Kim will briefly discuss the three year journey that has brought purpleteam from a proof of concept (PoC) to where it is now. In this session, Kim will discus the problem that purpleteam solves, along with the cost savings of finding and fixing your application security defects early (as you're introducing them) as opposed to late (weeks months later with external penetration testing) or not at all.
Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd, https://binarymist.io/. OWASP NZ Chapter Leader. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains, Kim Carter enjoys teaching others how to apply information security to their Agile processes, bringing the security focus up front where it's the cheapest to implement, increasing profit and reducing costs. Co-pioneer of two information security conferences (OWASP NZ Day and Christchurch Hacker Con), International trainer, speaker, published author, and Software Engineering Radio podcast host, focusing on software and network architecture, web development and engineering, and information security.