Developing a Rugged DevOps Approach to Cloud Security

Presented at BSidesSF 2016, Feb. 28, 2016, 5:30 p.m. (25 minutes).

Your operational tools deliver continuous monitoring and alerting-why doesn't your security suite? No single path exists to a rugged DevOps approach that works for every organization, but certain key principles and techniques are used by the DevOps elite that give them distinct advantages. You can use these and revamp your organization's processes and behaviors to gain efficiencies in your security operations. Security can no longer be thought of as being a separate step in a launch. Instead, security must be integrated into the overall processes of development and deployment. As organizations move more deeply into continuous patterns of development and deployment, the importance of implementing continuous security behaviors becomes non-negotiable. Attendees will learn strategies to better understand their value to an attacker, how to better define the battlefield for their own advantage, how to identify potential Rugged DevOps allies within the organization, why it is time to embrace continuous security cycles and automate security acceptance tests as part of the QA process, and the value of operationalizing security alerts and remediation efforts to achieve a more agile security posture.


Presenters:

  • Tim Prendergast - CEO - Evident.io
    Tim Prendergast is cofounder and CEO of Evident.io seeks to help others avoid the pain he endured when helping Adobe adopt the cloud at a massive level. After years of building, operating, and securing services in AWS, Tim set out to make security approachable and repeatable for companies of all sizes. Tim led technology teams at Adobe, Ingenuity, Ticketmaster, and McAfee.

Links:

Similar Presentations: