Suche senden
Hochladen
DevSecOps - Building Rugged Software
•
4 gefällt mir
•
1,443 views
S
SeniorStoryteller
Folgen
Shannon Lietz presentation at DevOps Connect: Rugged DevOps at InfoSec Europe 2016
Weniger lesen
Mehr lesen
Technologie
Melden
Teilen
Melden
Teilen
1 von 25
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Implementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ Schleen
SeniorStoryteller
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon Lietz
SeniorStoryteller
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
SeniorStoryteller
Secure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in Azure
kloia
DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)
Qualitest
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
Denim Group
SecDevOps 2.0 - Managing Your Robot Army
SecDevOps 2.0 - Managing Your Robot Army
conjur_inc
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
James Wickett
Empfohlen
Implementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ Schleen
SeniorStoryteller
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon Lietz
SeniorStoryteller
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
SeniorStoryteller
Secure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in Azure
kloia
DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)
Qualitest
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
Denim Group
SecDevOps 2.0 - Managing Your Robot Army
SecDevOps 2.0 - Managing Your Robot Army
conjur_inc
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
James Wickett
A Secure DevOps Journey
A Secure DevOps Journey
Sonatype
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome Them
WhiteSource
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
SeniorStoryteller
DevSecOps - The big picture
DevSecOps - The big picture
Stefan Streichsbier
DevSecOps - The big picture
DevSecOps - The big picture
DevSecOpsSg
Take Control: Design a Complete DevSecOps Program
Take Control: Design a Complete DevSecOps Program
Deborah Schalm
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
DevSecCon
Simplify Dev with Complicated Security Tools
Simplify Dev with Complicated Security Tools
Kevin Fealey
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving Security
Franklin Mosley
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOps
Priyanka Aash
Defining DevSecOps
Defining DevSecOps
Uchit Vyas ☁
DevSecOps 101
DevSecOps 101
Narudom Roongsiriwong, CISSP
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
Amazon Web Services
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
Mohammed A. Imran
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & Microservices
Sonatype
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon Edwards
SeniorStoryteller
Introduction to DevSecOps
Introduction to DevSecOps
Setu Parimi
DevSecOps OWASP
DevSecOps OWASP
Priyanka Raghavan
DevSecOps in Baby Steps
DevSecOps in Baby Steps
Priyanka Aash
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
SeniorStoryteller
Implementing an Application Security Pipeline in Jenkins
Implementing an Application Security Pipeline in Jenkins
Suman Sourav
Building Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh Raghavan
SeniorStoryteller
Weitere ähnliche Inhalte
Was ist angesagt?
A Secure DevOps Journey
A Secure DevOps Journey
Sonatype
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome Them
WhiteSource
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
SeniorStoryteller
DevSecOps - The big picture
DevSecOps - The big picture
Stefan Streichsbier
DevSecOps - The big picture
DevSecOps - The big picture
DevSecOpsSg
Take Control: Design a Complete DevSecOps Program
Take Control: Design a Complete DevSecOps Program
Deborah Schalm
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
DevSecCon
Simplify Dev with Complicated Security Tools
Simplify Dev with Complicated Security Tools
Kevin Fealey
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving Security
Franklin Mosley
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOps
Priyanka Aash
Defining DevSecOps
Defining DevSecOps
Uchit Vyas ☁
DevSecOps 101
DevSecOps 101
Narudom Roongsiriwong, CISSP
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
Amazon Web Services
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
Mohammed A. Imran
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & Microservices
Sonatype
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon Edwards
SeniorStoryteller
Introduction to DevSecOps
Introduction to DevSecOps
Setu Parimi
DevSecOps OWASP
DevSecOps OWASP
Priyanka Raghavan
DevSecOps in Baby Steps
DevSecOps in Baby Steps
Priyanka Aash
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
SeniorStoryteller
Was ist angesagt?
(20)
A Secure DevOps Journey
A Secure DevOps Journey
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome Them
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
DevSecOps - The big picture
DevSecOps - The big picture
DevSecOps - The big picture
DevSecOps - The big picture
Take Control: Design a Complete DevSecOps Program
Take Control: Design a Complete DevSecOps Program
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
DevSecCon Asia 2017 Fabian Lim: DevSecOps in the government
Simplify Dev with Complicated Security Tools
Simplify Dev with Complicated Security Tools
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving Security
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOps
Defining DevSecOps
Defining DevSecOps
DevSecOps 101
DevSecOps 101
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & Microservices
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Introduction to DevSecOps
Introduction to DevSecOps
DevSecOps OWASP
DevSecOps OWASP
DevSecOps in Baby Steps
DevSecOps in Baby Steps
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Andere mochten auch
Implementing an Application Security Pipeline in Jenkins
Implementing an Application Security Pipeline in Jenkins
Suman Sourav
Building Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh Raghavan
SeniorStoryteller
Continuous Application Security at Scale with IAST and RASP -- Transforming D...
Continuous Application Security at Scale with IAST and RASP -- Transforming D...
Jeff Williams
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
Alert Logic
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
Nick Galbreath
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
Amazon Web Services
How to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOps
Zane Lackey
DevOps and IT security
DevOps and IT security
ch.osme
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)
Arjun Comar
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
SeniorStoryteller
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Puppet
The Journey to DevSecOps
The Journey to DevSecOps
SeniorStoryteller
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
IBM Security
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
DevSecOpsSg
Automating Security in Building Software
Automating Security in Building Software
Sonatype
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Stefan Streichsbier
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
SeniorStoryteller
Devops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLC
Suman Sourav
Integrating DevOps and Security
Integrating DevOps and Security
Stijn Muylle
Justin collins - Practical Static Analysis for continuous application delivery
Justin collins - Practical Static Analysis for continuous application delivery
DevSecCon
Andere mochten auch
(20)
Implementing an Application Security Pipeline in Jenkins
Implementing an Application Security Pipeline in Jenkins
Building Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh Raghavan
Continuous Application Security at Scale with IAST and RASP -- Transforming D...
Continuous Application Security at Scale with IAST and RASP -- Transforming D...
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
How to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOps
DevOps and IT security
DevOps and IT security
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
The Journey to DevSecOps
The Journey to DevSecOps
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
Automating Security in Building Software
Automating Security in Building Software
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Devops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLC
Integrating DevOps and Security
Integrating DevOps and Security
Justin collins - Practical Static Analysis for continuous application delivery
Justin collins - Practical Static Analysis for continuous application delivery
Ähnlich wie DevSecOps - Building Rugged Software
SUCCEEDING WITH DEVOPS DEVOPS
SUCCEEDING WITH DEVOPS DEVOPS
DevOps Agile Skills Association-DASA
DevOpsDays Houston 2019 - Sagar Karmarkar - Organic DevOps - DevOps from with...
DevOpsDays Houston 2019 - Sagar Karmarkar - Organic DevOps - DevOps from with...
DevOpsDays Houston
Meetup DevOps - Accelerate
Meetup DevOps - Accelerate
Delta-N
BrainQuest-DevOps
BrainQuest-DevOps
Eric Phan
Devopsguys DevOps 101 for recruiters
Devopsguys DevOps 101 for recruiters
DevOpsGroup
Untangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got here
Barton George
Rethinking Your DevOps Strategy
Rethinking Your DevOps Strategy
Mandi Walls
DevOps Culture transformation in Modern Software Delivery
DevOps Culture transformation in Modern Software Delivery
Najib Radzuan
DevOps and Digital Transformation
DevOps and Digital Transformation
Omid Shariati
Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)
XebiaLabs
Starting an Open Source Program Office (OSPO)
Starting an Open Source Program Office (OSPO)
Chris Aniszczyk
DevOps and its impact
DevOps and its impact
Cisco DevNet
DevOpsGuys - Getting Started with DevOps - Github/Azure Webinar
DevOpsGuys - Getting Started with DevOps - Github/Azure Webinar
DevOpsGroup
5 Hottest Trends The DevOps World Wants You To Know!
5 Hottest Trends The DevOps World Wants You To Know!
Ajeet Singh
OS Accelerate London - 09/16/15
OS Accelerate London - 09/16/15
Appnovation Technologies
How to get the best out of DevSecOps - a developers perspective
How to get the best out of DevSecOps - a developers perspective
Colin Domoney
Agile DevOps Transformation At HUD (AgileDC 2017)
Agile DevOps Transformation At HUD (AgileDC 2017)
Marco Corona
DevOps a peek into high performing organizations
DevOps a peek into high performing organizations
Ram0603
Patterns for Success: Lessons Learned When Adopting Enterprise DevOps
Patterns for Success: Lessons Learned When Adopting Enterprise DevOps
Cognizant
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
TriNimbus
Ähnlich wie DevSecOps - Building Rugged Software
(20)
SUCCEEDING WITH DEVOPS DEVOPS
SUCCEEDING WITH DEVOPS DEVOPS
DevOpsDays Houston 2019 - Sagar Karmarkar - Organic DevOps - DevOps from with...
DevOpsDays Houston 2019 - Sagar Karmarkar - Organic DevOps - DevOps from with...
Meetup DevOps - Accelerate
Meetup DevOps - Accelerate
BrainQuest-DevOps
BrainQuest-DevOps
Devopsguys DevOps 101 for recruiters
Devopsguys DevOps 101 for recruiters
Untangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got here
Rethinking Your DevOps Strategy
Rethinking Your DevOps Strategy
DevOps Culture transformation in Modern Software Delivery
DevOps Culture transformation in Modern Software Delivery
DevOps and Digital Transformation
DevOps and Digital Transformation
Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)
Starting an Open Source Program Office (OSPO)
Starting an Open Source Program Office (OSPO)
DevOps and its impact
DevOps and its impact
DevOpsGuys - Getting Started with DevOps - Github/Azure Webinar
DevOpsGuys - Getting Started with DevOps - Github/Azure Webinar
5 Hottest Trends The DevOps World Wants You To Know!
5 Hottest Trends The DevOps World Wants You To Know!
OS Accelerate London - 09/16/15
OS Accelerate London - 09/16/15
How to get the best out of DevSecOps - a developers perspective
How to get the best out of DevSecOps - a developers perspective
Agile DevOps Transformation At HUD (AgileDC 2017)
Agile DevOps Transformation At HUD (AgileDC 2017)
DevOps a peek into high performing organizations
DevOps a peek into high performing organizations
Patterns for Success: Lessons Learned When Adopting Enterprise DevOps
Patterns for Success: Lessons Learned When Adopting Enterprise DevOps
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
Chris Munns, DevOps @ Amazon: Microservices, 2 Pizza Teams, & 50 Million Depl...
Mehr von SeniorStoryteller
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
SeniorStoryteller
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
SeniorStoryteller
Breaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John Willis
SeniorStoryteller
NuGet Package Management Done Right
NuGet Package Management Done Right
SeniorStoryteller
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
SeniorStoryteller
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous Delivery
SeniorStoryteller
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
SeniorStoryteller
Heroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps Transformations
SeniorStoryteller
Rugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for Success
SeniorStoryteller
Create Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply Chain
SeniorStoryteller
Aligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for Success
SeniorStoryteller
Leveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOps
SeniorStoryteller
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
SeniorStoryteller
Guns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh Corman
SeniorStoryteller
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
SeniorStoryteller
Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?
SeniorStoryteller
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the Way
SeniorStoryteller
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
SeniorStoryteller
The R.O.A.D to DevOps
The R.O.A.D to DevOps
SeniorStoryteller
Building Security Controls around Attack Models
Building Security Controls around Attack Models
SeniorStoryteller
Mehr von SeniorStoryteller
(20)
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
Breaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John Willis
NuGet Package Management Done Right
NuGet Package Management Done Right
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous Delivery
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Heroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps Transformations
Rugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for Success
Create Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply Chain
Aligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for Success
Leveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOps
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
Guns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh Corman
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the Way
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
The R.O.A.D to DevOps
The R.O.A.D to DevOps
Building Security Controls around Attack Models
Building Security Controls around Attack Models
Kürzlich hochgeladen
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
gurkirankumar98700
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Allon Mureinik
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
The Digital Insurer
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Kürzlich hochgeladen
(20)
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
DevSecOps - Building Rugged Software
1.
1 DevSecOps BUILDING RUGGED SOFTWARE SHANNON LIETZ Copyright © DevSecOps Foundation 2015-2016
2.
2 Copyright © DevSecOps Foundation
2015-2016 What’s Happening in the World? • DEVOPS • PUBLIC CLOUD • AGILE • SCRUM • LEAN • LOW-CODE • NO-CODE • NO OPS • … https://www.google.com/trends/
3.
3 Copyright © DevSecOps Foundation
2015-2016 A History Lesson – Google Trends Research • Several years after the Agile Manifesto, DevOps.com was registered in 2004 • Google searches for “DevOps” started to rise in 2010 • Major influences: • Saving your Infrastructure from DevOps / Chicago Tribune • DevOps: A Culture Shift, Not a Technology / Information Week • DevOps: A Sharder’s Tale from Etsy • DevOps.com articles • RuggedSoftware.org was registered in 2010 • As of 2013, DevSecOps is on the map…
4.
4 Copyright © DevSecOps Foundation
2015-2016 Who’s doing Enterprise DevOps? …
5.
5 Copyright © DevSecOps Foundation
2015-2016 What’s the business benefit? Business strategy is achieved with the collaboration of all departments and providers in service to the customer who requires better, faster, cheaper, secure products and services.
6.
6 Copyright © DevSecOps Foundation
2015-2016 What Hinders Secure Innovation? 1. Manual processes & meeting culture 2. Point in time assessments 3. Friction for friction’s sake 4. Contextual misunderstandings 5. Decisions being made outside of value creation 6. Late constraints and requirements 7. Big commitments, big teams, and big failures 8. Fear of failure, lack of learning 9. Lack of inspiration 10. Management and political interference (approvals, exceptions) ...
7.
7 Copyright © DevSecOps Foundation
2015-2016 Say What??!! http://donsmaps.com/images22/mutta1200.jpg
8.
8 Copyright © DevSecOps Foundation
2015-2016 • Innovation is a competitive advantage • Cloud has leveled the playing field • Demand for Customer centric product development • Continuous delivery of features and changes • New generation of workers desire collaboration • Speed and scale are necessary to handle demand • Integration over invention to speed up results • Security breaches are on the rise • People desire to work with greater autonomy... • Continuous Learning... How can I do better? & better? The Need for Change commons.wikimedia.org
9.
9 Copyright © DevSecOps Foundation
2015-2016 Culture Hacking Traditional Security Security is Everyone’s Responsibility DEVSECOPS
10.
10 Copyright © DevSecOps Foundation
2015-2016 The Art of DevSecOps DevSecOps Security Engineering Experiment, Automate, Test Security Operations Hunt, Detect, Contain Compliance Operations Respond, Manage, Train Security Science Learn, Measure, Forecast
11.
11 The Secure Software Supply Chain • Gating processes are not Deming-like • Security is a design constraint •
Decisions made by engineering teams • Hard to avoid business catastrophes by applying one-size-fits-all strategies • Security defects is more like a security “recall” design build deploy operate How do I secure my app? What component is secure enough? How do I secure secrets for the app? Is my app getting attacked? How? Typical gates for security checks & balances Mistakes and drift often happen after design and build phases that result in weaknesses and potentially exploits Most costly mistakes Happen during design Faster security feedback loop Copyright © DevSecOps Foundation 2015-2016
12.
12 Copyright © DevSecOps Foundation
2015-2016 From a Traditional Supply Chain… When will you solve my problem?!! Can we discuss my feedback? Did we pass the 98 point inspection? Thanks to Henrik Kniberg
13.
13 Copyright © DevSecOps Foundation
2015-2016 To a Customer Centric Supply Chain Thanks to Henrik Kniberg Awesome!When can I bring my kids with me? Does it come in Red? Can this be motorized to go faster and for longer trips? Better than walking, for sure… but not by much... Security must shift left with a Science Mindset like all other Ops…
14.
14 Copyright © DevSecOps Foundation
2015-2016 Shifting Security to the Left means built-in design build deploy operate How do I secure my app? What component is secure enough? How do I secure secrets for the app? Is my app getting attacked? How? Typical gates for security checks & balances Mistakes and drift often happen after design and build phases that result in weaknesses and potentially exploits Most costly mistakes Happen during design Faster security feedback loop Security is a Design Constraint
15.
15 • Everyone knows Maslow… • If you can remember 5 things, remember these -> “Apps & data are as safe as where you put it, what’s in it, how you inspect it, who talks to it, and how its protected…” Copyright
© DevSecOps Foundation 2015-2016 Security is and has always been a Design Constraint…
16.
16 Copyright © DevSecOps Foundation
2015-2016 But Please No Checklists & Save the Trees!! Page 3 of 433 X deforestation: https://www.flickr.com/photos/foreignoffice/3509228297
17.
17 Security Governance Transparency via Continuous Improvement https://www.kpmg.com/BE/en/IssuesAndInsights/ArticlesPublications/Documents/Transforming-Internal-Audit.pdf
18.
18 Copyright © DevSecOps
Foundation 2015-2016 Security as Code / Everything as Code • Paper-resident policies do not stand up to constant cloud evolution and lessons learned. • Translation from paper to code and back can lead to serious mistakes. • Traditional security policies do not 1:1 translate to Full Stack deployments. Data Center Cloud Provider Network • LOCK YOUR DOORS • BADGE IN • AUTHORIZED PERSONNEL ONLY • BACKGROUND CHECKS • CHOOSE STRONG PASSWORDS • USE MFA • ROTATE API CREDENTIALS • CROSS-ACCOUNT ACCESS EVERYTHING AS CODE Page 3 of 433
19.
19 Copyright © DevSecOps Foundation
2015-2016 Example of Continuous Delivery + Security Source Code CI Server Artifacts MonitoringDeployTest & Scan DevOps Code - Creating Value & Availability DevSecOps Code - Creating Trust & Confidence
20.
20 Copyright © DevSecOps Foundation
2015-2016 Continuous Feedback THE FEEDBACK HIGHWAY PRODUCT SCRUM TEAM THE INTEL HIGHWAY SECURITY TESTING & DATA PLATFORM SECURITY TEAM SECURITY COMMUNITY
21.
21 Copyright © DevSecOps Foundation
2015-2016 Continuous Security Engineering & Science Monitor & Inspect Everything insights security sciencesecurity tools & data Cloud accounts S3 Glacier EC2 CloudTrail ingestion threat intel security feedback loop continuous response
22.
22 Red Team, Security Operations & Science API KEY EXPOSURE -> 8 HRS DEFAULT
CONFIGS -> 24 HRS SECURITY GROUPS -> 24 HRS ESCALATION OF PRIVS -> 5 D KNOWN VULN -> 8 HRS Copyright © DevSecOps Foundation 2015-2016
23.
23 Security Decision Support Copyright © DevSecOps Foundation 2015-2016
24.
24 This Could Be Your Mean Time to Resolution… Copyright © DevSecOps Foundation 2015-2016 MTTR Days…
6 months
25.
25 Copyright © DevSecOps Foundation
2015-2016 Get Involved and Join the Community • devsecops.org • @devsecops on Twitter • DevSecOps on LinkedIn • DevSecOps on Github • RuggedSoftware.org • Compliance at Velocity
Jetzt herunterladen