That’s crazy talk! ...or is it?

One revolutionary technique that has shifted the paradigm of performance testing is doing performance testing in production using canary deployments. However, the benefits of using a similar approach for App and API security testing are even more significant. Doing so assures that your vulnerability resolution fixes are relevant to and effective in a real-world environment as opposed to a not-real pre-prod environment.

This avoids the shortcomings of traditional tools -- the inaccuracy and long scan times of SAST, poor coverage of DAST and IAST tools, lack of context in SCA, and ineffectiveness of WAF. It even aligns well with movements like DevOps, cloud-native, and shifting ownership of security left from the security team to engineering.

Join this discussion to learn what revolutionary techniques are necessary to safely pull this off.