In this talk Erich Smith of JupiterOne will share the essentials to application security and what elements organization should prioritize to reduce the potential time-sink that is 360 degree risk analysis of code changes in CI/CD pipelines. Takeaways from this session will include:

• High-level considerations for selecting change management tooling
• Thinking in graphs: enriching Pull Requests with additional, 2nd-order context
• Implementing automated risk analysis into your CI/CD pipelines for $0!