If you're trying to figure out how to run enterprise applications and services on AWS securely, come join Intuit and the AWS Professional Services team to learn how to embrace a new discipline called DevSecOps. You'll learn more about software-defined security and why we think that DevSecOps helps organizations large and small adopt cloud services at a rapid pace. We'll provide you with links and information to help you get started with creating your own DevSecOps team.
3. Secure Enterprise Workloads in the Cloud…
•Pain
•Trial & Error
•Blood, sweat & tears
•Ouch, my head hurts!
It would have been great to hear this speech a couple years ago….
Bang
Head
Here
5. Security as Code?
Experiment: Automate
Policy Governance
Security Operations?
Experiment: Detection via Security Operations
Experiment: Compliance via DevSecOpstoolkit
Experiment: Science via Profiling
DevOps+ Security
DevOps+ DevSecOps
Compliance Operations?
Science?
Start Here?
6. Embedding into DevOpswas a disaster…
–Compliance checklists didn’t take us far before we stopped scaling…
–We couldn’t keep up with deployments without automation…
–Standard Security Operations did not work…
–And we needed far more data than we expected to help the business make decisions…