SlideShare ist ein Scribd-Unternehmen logo

Extract: DevSecOps - London Gathering (March 2019)

Als PPTX, PDF herunterladen
M
Michael Man

1) The DevSecOps-London Gathering meets monthly to discuss topics related to integrating security into DevOps practices. 2) Over the past year and a half, they have covered topics such as threat modeling, security automation, container security, and scaling security operations. 3) Recent meetings have focused on Kubernetes and Istio security best practices.

Technologie
1 von 7
DevSecOps – London Gathering March 2019
WAYS TO STAY IN TOUCH https://www.meetup.com/DevSecOps-London-Gathering https://twitter.com/DevSecOps_LG https://www.linkedin.com/company/devsecops-london-gathering https://github.com/DevSecOps-LondonGathering https://www.youtube.com/channel/UCR4oVMkRjNN2OQaWMiBcfJA 😇 🙏 🤮
THE JOURNEY SO FAR … 1 • September 2017 • DevSecOps Engineer http://slides.com/chossrutter/securing#/17 • Project Management Experience: Security in Agile https://www.slideshare.net/MichaelMan11/project-management-experience-security-in-agile-1309 • October 2017 • Practical Threat Modelling http://slides.com/chossrutter/securing-6 • Threat Modelling Automation http://slides.com/mattjoyce/automatetm#/ • December 2017 • Security Automation in DevOps https://www.slideshare.net/MichaelMan11/dev-secops-testautomation https://www.slideshare.net/MichaelMan11/dynaminet-devsecops
THE JOURNEY SO FAR … 2 • February 2018 • DevSecOps: The Evolution of DevOps https://www.slideshare.net/MichaelMan11/devsecops-the-evolution-of-devops • March 2018 • The mechanics behind how attackers exploit simple programming mistakes https://www.slideshare.net/MichaelMan11/the-mechanics-behind-how-attackers-exploit-simple-programming- mistakes • April 2018 Secret Dragons – Harder To Execute • https://www.slideshare.net/MichaelMan11/vulnerability-management-in-devsecops-easy-concept-but- harder-to-execute • https://www.slideshare.net/MichaelMan11/secret-management-journey-here-be-dragons-aka-secret- dragons
THE JOURNEY SO FAR … 3 • May 2018 • Continuous Security: From tins to containers - now what! https://www.slideshare.net/MichaelMan11/continuous-security-from-tins-to-containers-now-what • June 2018 • The Bastion Server That Isn't There ... https://www.slideshare.net/MichaelMan11/the-bastion-server-that-isnt-there-joshua-kite • July 2018 • Scale Security For A Dollar Or Less https://www.slideshare.net/secfigo/scale-security-for-a-dollar-or-less/ • Threat Modelling: The Ultimate DevSecOps https://speakerdeck.com/zeroxten/threat-modeling-the-ultimate-devsecops • Practical Steps For Securing Containers https://www.slideshare.net/MichaelMan11/practical-steps-for-securing-containers-liz-rice
THE JOURNEY SO FAR … 4 • August 2018 • Bringing Rapid Prototyping To The Threat Model Process https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs • September 2018 [YouTube] How To Save A Burning Programme! Aubrey Stearn Implementing SAST IRL Kaveh Goudarzi and Michael Man Micro Threat Modelling For Agile Delivery Works Chris Rutter Real World Security Stuart Gunter Vulnerability Management At Scale At Facebook Alexandre Fiori • November 2018 Hot Topics: Multiple releases a day, what security testing should be considered and adopted?
THE JOURNEY SO FAR … 5 • January 2019 [YouTube] • Kubernetes Security https://www.slideshare.net/MichaelMan11/control-plane-continuous-kubernetes-security-devsecops-london- gathering-january-2019 • Introduction to Istio https://www.slideshare.net/MichaelMan11/matt-turner-istio-the-packetseye-view-devsecops-london-gathering- january-2019 • Security Rationale for Istio https://www.slideshare.net/MichaelMan11/control-plane-security-rationale-for-istio-devsecops-london-gathering- january-2019 • February 2019 After taking a decision to establish DevSecOps mindset at an organisation, what key skills and experience (cultural as well as technical) should I look for in a first hire?

Empfohlen

Publish Your React Component
Publish Your React ComponentPublish Your React Component
Publish Your React ComponentMark Maximus Muskardin
 
Microservices - Voxxed Vilnius 2015
Microservices - Voxxed Vilnius 2015 Microservices - Voxxed Vilnius 2015
Microservices - Voxxed Vilnius 2015Tomasz Szymanski
 
KubeCon 2020 EU Virtual: How we migrated our monolith to K8s
KubeCon 2020 EU Virtual: How we migrated our monolith to K8sKubeCon 2020 EU Virtual: How we migrated our monolith to K8s
KubeCon 2020 EU Virtual: How we migrated our monolith to K8sMauricio (Salaboy) Salatino
 
Gradle
GradleGradle
GradleJéferson Machado
 
DevOps Indonesia Announcement at Home Credit Indonesia
DevOps Indonesia Announcement at Home Credit IndonesiaDevOps Indonesia Announcement at Home Credit Indonesia
DevOps Indonesia Announcement at Home Credit IndonesiaDevOps Indonesia
 
Final presentation switter
Final presentation switterFinal presentation switter
Final presentation switterSoyeongKim8
 
August 2018: DevSecOps - London Gathering
August 2018: DevSecOps - London GatheringAugust 2018: DevSecOps - London Gathering
August 2018: DevSecOps - London GatheringMichael Man
 
How Small Team Get Ready for SRE (public version)
How Small Team Get Ready for SRE (public version)How Small Team Get Ready for SRE (public version)
How Small Team Get Ready for SRE (public version)Setyo Legowo
 

Empfohlen

Publish Your React Component
Publish Your React ComponentPublish Your React Component
Publish Your React ComponentMark Maximus Muskardin
 
Microservices - Voxxed Vilnius 2015
Microservices - Voxxed Vilnius 2015 Microservices - Voxxed Vilnius 2015
Microservices - Voxxed Vilnius 2015Tomasz Szymanski
 
KubeCon 2020 EU Virtual: How we migrated our monolith to K8s
KubeCon 2020 EU Virtual: How we migrated our monolith to K8sKubeCon 2020 EU Virtual: How we migrated our monolith to K8s
KubeCon 2020 EU Virtual: How we migrated our monolith to K8sMauricio (Salaboy) Salatino
 
Gradle
GradleGradle
GradleJéferson Machado
 
DevOps Indonesia Announcement at Home Credit Indonesia
DevOps Indonesia Announcement at Home Credit IndonesiaDevOps Indonesia Announcement at Home Credit Indonesia
DevOps Indonesia Announcement at Home Credit IndonesiaDevOps Indonesia
 
Final presentation switter
Final presentation switterFinal presentation switter
Final presentation switterSoyeongKim8
 
August 2018: DevSecOps - London Gathering
August 2018: DevSecOps - London GatheringAugust 2018: DevSecOps - London Gathering
August 2018: DevSecOps - London GatheringMichael Man
 
How Small Team Get Ready for SRE (public version)
How Small Team Get Ready for SRE (public version)How Small Team Get Ready for SRE (public version)
How Small Team Get Ready for SRE (public version)Setyo Legowo
 
DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...Mikalai Alimenkou
 
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...Lviv Startup Club
 
DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019Michael Man
 
Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019PhuocNT (Fresher.VN)
 
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint FrameworkSwedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint FrameworkDavid Opdendries
 
Cross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript DevelopmentCross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript DevelopmentJeremy Likness
 
Modern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio CodeModern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio CodeJared Matfess
 
Extract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling SlidesExtract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling SlidesMichael Man
 
Xamarin tools
Xamarin toolsXamarin tools
Xamarin toolsKym Phillpotts
 
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"Daniel Bryant
 
Software development in the modern age
Software development in the modern ageSoftware development in the modern age
Software development in the modern ageRoy Wasse
 
Rakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real WorldRakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real WorldTsuyoshi Ushio
 
DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!Sandeep Joshi
 
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...Cloud Security Alliance, UK chapter
 
Nsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smartNsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smartNSC42 Ltd
 
data-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptxdata-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptxSyahri Ramadhan
 
Portfolio
PortfolioPortfolio
PortfolioShrey Sangal
 
How to become senior .net developer
How to become senior .net developerHow to become senior .net developer
How to become senior .net developerTung Nguyen Thanh
 
SMC2015: Work Life Hacks
SMC2015: Work Life HacksSMC2015: Work Life Hacks
SMC2015: Work Life HacksAlex Moss
 
CI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and AzureCI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and AzureLennart Passig
 
5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)Michael Man
 
K8S Certifications - Exam Cram
K8S Certifications - Exam CramK8S Certifications - Exam Cram
K8S Certifications - Exam CramMichael Man
 

Weitere ähnliche Inhalte

Ähnlich wie Extract: DevSecOps - London Gathering (March 2019)

DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...Mikalai Alimenkou
 
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...Lviv Startup Club
 
DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019Michael Man
 
Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019PhuocNT (Fresher.VN)
 
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint FrameworkSwedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint FrameworkDavid Opdendries
 
Cross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript DevelopmentCross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript DevelopmentJeremy Likness
 
Modern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio CodeModern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio CodeJared Matfess
 
Extract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling SlidesExtract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling SlidesMichael Man
 
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"Daniel Bryant
 
Software development in the modern age
Software development in the modern ageSoftware development in the modern age
Software development in the modern ageRoy Wasse
 
Rakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real WorldRakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real WorldTsuyoshi Ushio
 
DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!Sandeep Joshi
 
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...Cloud Security Alliance, UK chapter
 
Nsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smartNsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smartNSC42 Ltd
 
data-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptxdata-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptxSyahri Ramadhan
 
How to become senior .net developer
How to become senior .net developerHow to become senior .net developer
How to become senior .net developerTung Nguyen Thanh
 
SMC2015: Work Life Hacks
SMC2015: Work Life HacksSMC2015: Work Life Hacks
SMC2015: Work Life HacksAlex Moss
 
CI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and AzureCI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and AzureLennart Passig
 

Ähnlich wie Extract: DevSecOps - London Gathering (March 2019) (20)

DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...DevOps checklist or how to understand where is your team in DevOps landscape ...
DevOps checklist or how to understand where is your team in DevOps landscape ...
 
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
Кіра Гончарова "Learn and share experience by Dev-Pro: how to develop PM comm...
 
DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019DevSecOps Manchester - May 2019
DevSecOps Manchester - May 2019
 
Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019Workshop About Software Engineering Skills 2019
Workshop About Software Engineering Skills 2019
 
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint FrameworkSwedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
Swedish SharePoint UserGroup Göteborg Oct 5 2016 SharePoint Framework
 
Cross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript DevelopmentCross Platform Angular 2 and TypeScript Development
Cross Platform Angular 2 and TypeScript Development
 
Modern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio CodeModern SharePoint Development using Visual Studio Code
Modern SharePoint Development using Visual Studio Code
 
Extract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling SlidesExtract Oct 2019: DSO-LG Rolling Slides
Extract Oct 2019: DSO-LG Rolling Slides
 
Xamarin tools
Xamarin toolsXamarin tools
Xamarin tools
 
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
GOTO Chicago/CraftConf 2017 "The Seven (More) Deadly Sins of Microservices"
 
Software development in the modern age
Software development in the modern ageSoftware development in the modern age
Software development in the modern age
 
Rakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real WorldRakuten and Microsoft talk DevOps in Real World
Rakuten and Microsoft talk DevOps in Real World
 
DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!DevOps Dilemma - Make Dev work with Ops!
DevOps Dilemma - Make Dev work with Ops!
 
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
Csa UK agm 2019 - Nsc42 - is the cloud secure - is easy if you do it smart Fr...
 
Nsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smartNsc42-CSA AGM is the cloud secure - is easy if you do it smart
Nsc42-CSA AGM is the cloud secure - is easy if you do it smart
 
data-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptxdata-visulisation-for-agile-analytics-workshop.pptx
data-visulisation-for-agile-analytics-workshop.pptx
 
Portfolio
PortfolioPortfolio
Portfolio
 
How to become senior .net developer
How to become senior .net developerHow to become senior .net developer
How to become senior .net developer
 
SMC2015: Work Life Hacks
SMC2015: Work Life HacksSMC2015: Work Life Hacks
SMC2015: Work Life Hacks
 
CI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and AzureCI and CD with Visual Studio Team Services and Azure
CI and CD with Visual Studio Team Services and Azure
 

Mehr von Michael Man

5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)Michael Man
 
K8S Certifications - Exam Cram
K8S Certifications - Exam CramK8S Certifications - Exam Cram
K8S Certifications - Exam CramMichael Man
 
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)Michael Man
 
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...Michael Man
 
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...Michael Man
 
Sept 2019 - DSO-LG Tooling Examples
Sept 2019 - DSO-LG Tooling ExamplesSept 2019 - DSO-LG Tooling Examples
Sept 2019 - DSO-LG Tooling ExamplesMichael Man
 
Chris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security BrickChris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security BrickMichael Man
 
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Michael Man
 
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...Michael Man
 
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...Michael Man
 
DevSecOps - London Gathering : June 2018
DevSecOps - London Gathering : June 2018DevSecOps - London Gathering : June 2018
DevSecOps - London Gathering : June 2018Michael Man
 
Continuous Security: From tins to containers - now what!
Continuous Security: From tins to containers - now what!Continuous Security: From tins to containers - now what!
Continuous Security: From tins to containers - now what!Michael Man
 
The mechanics behind how attackers exploit simple programming mistakes ...
The mechanics behind how attackers exploit simple programming mistakes ...The mechanics behind how attackers exploit simple programming mistakes ...
The mechanics behind how attackers exploit simple programming mistakes ...Michael Man
 
Secret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsSecret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsMichael Man
 
DevSecOps March 2018 - Extract
DevSecOps March 2018 - ExtractDevSecOps March 2018 - Extract
DevSecOps March 2018 - ExtractMichael Man
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsMichael Man
 
Dynaminet -DevSecOps
Dynaminet -DevSecOpsDynaminet -DevSecOps
Dynaminet -DevSecOpsMichael Man
 
DevSecOps: Test Automation
DevSecOps: Test AutomationDevSecOps: Test Automation
DevSecOps: Test AutomationMichael Man
 
Project management experience security in agile 1309
Project management experience security in agile 1309Project management experience security in agile 1309
Project management experience security in agile 1309Michael Man
 

Mehr von Michael Man (19)

5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)
 
K8S Certifications - Exam Cram
K8S Certifications - Exam CramK8S Certifications - Exam Cram
K8S Certifications - Exam Cram
 
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)
 
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...
DSO-LG March 2018: The mechanics behind how attackers exploit simple programm...
 
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...
DSO-LG Oct 2019: Modern Software Delivery: Supply Chain Security Critical (Ch...
 
Sept 2019 - DSO-LG Tooling Examples
Sept 2019 - DSO-LG Tooling ExamplesSept 2019 - DSO-LG Tooling Examples
Sept 2019 - DSO-LG Tooling Examples
 
Chris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security BrickChris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security Brick
 
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
 
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...
Matt Turner: Istio, The Packet's-Eye View (DevSecOps - London Gathering, Janu...
 
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...
Control Plane: Continuous Kubernetes Security (DevSecOps - London Gathering, ...
 
DevSecOps - London Gathering : June 2018
DevSecOps - London Gathering : June 2018DevSecOps - London Gathering : June 2018
DevSecOps - London Gathering : June 2018
 
Continuous Security: From tins to containers - now what!
Continuous Security: From tins to containers - now what!Continuous Security: From tins to containers - now what!
Continuous Security: From tins to containers - now what!
 
The mechanics behind how attackers exploit simple programming mistakes ...
The mechanics behind how attackers exploit simple programming mistakes ...The mechanics behind how attackers exploit simple programming mistakes ...
The mechanics behind how attackers exploit simple programming mistakes ...
 
Secret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsSecret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret Dragons
 
DevSecOps March 2018 - Extract
DevSecOps March 2018 - ExtractDevSecOps March 2018 - Extract
DevSecOps March 2018 - Extract
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOps
 
Dynaminet -DevSecOps
Dynaminet -DevSecOpsDynaminet -DevSecOps
Dynaminet -DevSecOps
 
DevSecOps: Test Automation
DevSecOps: Test AutomationDevSecOps: Test Automation
DevSecOps: Test Automation
 
Project management experience security in agile 1309
Project management experience security in agile 1309Project management experience security in agile 1309
Project management experience security in agile 1309
 

Kürzlich hochgeladen

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Kürzlich hochgeladen (20)

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Extract: DevSecOps - London Gathering (March 2019)

  • 1. DevSecOps – London Gathering March 2019
  • 2. WAYS TO STAY IN TOUCH https://www.meetup.com/DevSecOps-London-Gathering https://twitter.com/DevSecOps_LG https://www.linkedin.com/company/devsecops-london-gathering https://github.com/DevSecOps-LondonGathering https://www.youtube.com/channel/UCR4oVMkRjNN2OQaWMiBcfJA 😇 🙏 🤮
  • 3. THE JOURNEY SO FAR … 1 • September 2017 • DevSecOps Engineer http://slides.com/chossrutter/securing#/17 • Project Management Experience: Security in Agile https://www.slideshare.net/MichaelMan11/project-management-experience-security-in-agile-1309 • October 2017 • Practical Threat Modelling http://slides.com/chossrutter/securing-6 • Threat Modelling Automation http://slides.com/mattjoyce/automatetm#/ • December 2017 • Security Automation in DevOps https://www.slideshare.net/MichaelMan11/dev-secops-testautomation https://www.slideshare.net/MichaelMan11/dynaminet-devsecops
  • 4. THE JOURNEY SO FAR … 2 • February 2018 • DevSecOps: The Evolution of DevOps https://www.slideshare.net/MichaelMan11/devsecops-the-evolution-of-devops • March 2018 • The mechanics behind how attackers exploit simple programming mistakes https://www.slideshare.net/MichaelMan11/the-mechanics-behind-how-attackers-exploit-simple-programming- mistakes • April 2018 Secret Dragons – Harder To Execute • https://www.slideshare.net/MichaelMan11/vulnerability-management-in-devsecops-easy-concept-but- harder-to-execute • https://www.slideshare.net/MichaelMan11/secret-management-journey-here-be-dragons-aka-secret- dragons
  • 5. THE JOURNEY SO FAR … 3 • May 2018 • Continuous Security: From tins to containers - now what! https://www.slideshare.net/MichaelMan11/continuous-security-from-tins-to-containers-now-what • June 2018 • The Bastion Server That Isn't There ... https://www.slideshare.net/MichaelMan11/the-bastion-server-that-isnt-there-joshua-kite • July 2018 • Scale Security For A Dollar Or Less https://www.slideshare.net/secfigo/scale-security-for-a-dollar-or-less/ • Threat Modelling: The Ultimate DevSecOps https://speakerdeck.com/zeroxten/threat-modeling-the-ultimate-devsecops • Practical Steps For Securing Containers https://www.slideshare.net/MichaelMan11/practical-steps-for-securing-containers-liz-rice
  • 6. THE JOURNEY SO FAR … 4 • August 2018 • Bringing Rapid Prototyping To The Threat Model Process https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs • September 2018 [YouTube] How To Save A Burning Programme! Aubrey Stearn Implementing SAST IRL Kaveh Goudarzi and Michael Man Micro Threat Modelling For Agile Delivery Works Chris Rutter Real World Security Stuart Gunter Vulnerability Management At Scale At Facebook Alexandre Fiori • November 2018 Hot Topics: Multiple releases a day, what security testing should be considered and adopted?
  • 7. THE JOURNEY SO FAR … 5 • January 2019 [YouTube] • Kubernetes Security https://www.slideshare.net/MichaelMan11/control-plane-continuous-kubernetes-security-devsecops-london- gathering-january-2019 • Introduction to Istio https://www.slideshare.net/MichaelMan11/matt-turner-istio-the-packetseye-view-devsecops-london-gathering- january-2019 • Security Rationale for Istio https://www.slideshare.net/MichaelMan11/control-plane-security-rationale-for-istio-devsecops-london-gathering- january-2019 • February 2019 After taking a decision to establish DevSecOps mindset at an organisation, what key skills and experience (cultural as well as technical) should I look for in a first hire?