DevOpSec - Killing the Buzz

Presented at RVAsec 2017, June 9, 2017, 11:10 a.m. (50 minutes).

The DevOps movement continues to grow, and it is beginning to move out of small startups into large enterprises. DevOps and Agile development bring a lot to the table, but are often viewed as coming at the expense of security. This presentation explores ways to integrate security into DevOps environments: identifying the benefits of doing so, outlining potential problems, and attempting to provide solutions to them. Ultimately, the talk hopes to provide practical guidance and tools that can be used as a base to improve security throughout the stack.


Presenters:

  • Jason Ross - NCC Group
    Jason Ross is a Senior Consultant with NCC Group - a global information assurance specialist providing organizations with expert security consulting services. Working primarily from Rochester, NY, he has developed and delivered training tools and programs on topics such as advanced mobile penetration testing, android forensics techniques, and enterprise-level malware analysis. Jason has spoken at many regional conferences across the United States, as well as major security conferences including Blackhat DC, BSides Las Vegas, DerbyCon, and DEF CON Skytalks.

Links:

Similar Presentations: