Security teams must adapt security controls to the growing use of DevOps processes such as cloud services, Continuous Integration and Continuous Deployment. Many of them are adopting an approach of Security delivered as a service, or DevSecOps.
In this webcast, SANS Senior Analyst John Pescatore joins Chris Carlson, VP Product Management for Qualys Cloud Agent Platform, discuss how DevSecOps helps security teams work with DevOps to embed continuous security into IT and application infrastructure, and how to get started and build a DevSecOps program for improved and automated auditing, compliance, and control of applications.
The presentation covers:
• How and why security teams are partnering with app developers and sysadmins to build continuous security capabilities that are embedded into the fabric of IT and application infrastructures
• The key elements of DevOps and modern cloud architecture models driving quality and rapid technical innovation, and how they successfully drive business value
• Why applying DevOps and cloud architecture models to security delivers business value such as lower overall risk, capital expense, and operating costs
• Methods to build DevSecOps into both cloud-first and cloud migration infrastructure deployments and achieve common business benefits in either environment
• The initial steps security teams can take right away to engage application and DevOps counterparts in DevSecOps, and milestones to achieve for quick wins with business value as well as control in active projects.
• Case studies on three industry leaders in how security is applied to DevOps to support secure digital transformation projects.
Watch the on-demand webcast: https://www.sans.org/webcasts/105720