We’ve all heard the buzz around pushing application security into the hands of developers, but if you’re like most companies, it has been hard to actually make this a reality. You aren’t alone – putting the culture, processes, and tooling into place to make this happen is tough. Join Scott Gerlach as he shares his triumphs and failures practices and tools at companies such as GoDaddy, SendGrid, and Twilio. Dig into specific reasons why it's difficult to embed application and API security testing into pipelines and what you can do to make it work better. Whether you’re a seasoned pro or just starting out, this will be an entertaining (and judgement-free!) talk you won’t want to miss.