DevSecOps is a misnomer. Smashing Security in between Dev and Ops is the wrong way to think about optimizing your DevOps + Security pipeline. Many believe security is the blocker before getting their applications out to production. Owned by some distant, unapproachable team, security can seem like the new deep divide with a 'throw it over the wall' mentality. Instead, Security must be sprinkled throughout the DevOps cycle, taught from the beginning when developing best practices and automating compliant infrastructure, and owned by both DevOps and Security, working as a team. In this talk, we will dive deep into a sample DevSecOps culture and pipeline and show precisely how Security is not the blocker some make them out to be but an enabler to a positive customer and internal experience. Additionally, we’ll identify where both DevOps and Security teams can knowledge share in order to best aid each other toward a more efficient, and more secure, pipeline and product. We will focus on a fictional company, specific challenges they faced, and the things they did to address those challenges from Threat Modeling and Risk Classification, Security and DevOps Education, Automated Policy Enforcement, Secrets Management, Vulnerability Scanning, SAST and DAST, monitoring, and more. We'll step through the DevOps cycle and expose exactly where Security comes into play and how many of the steps/process/requirements can be automated to eliminate toil.


21:00 - 22:00 hs GMT+1


2nd Watch
Enviar a un amigo
Mi email *
Email destinatario *
Comentario *
Repite estos números *
Control de seguridad
Mayo / 2020 1123 webinars
Lun 27 de Mayo de 2020
Mar 28 de Mayo de 2020
Mié 29 de Mayo de 2020
Jue 30 de Mayo de 2020
Vie 01 de Mayo de 2020
Sáb 02 de Mayo de 2020
Dom 03 de Mayo de 2020
Lun 04 de Mayo de 2020
Mar 05 de Mayo de 2020
Mié 06 de Mayo de 2020
Jue 07 de Mayo de 2020
Vie 08 de Mayo de 2020
Sáb 09 de Mayo de 2020
Dom 10 de Mayo de 2020
Lun 11 de Mayo de 2020
Mar 12 de Mayo de 2020
Mié 13 de Mayo de 2020
Jue 14 de Mayo de 2020