-
Be the first to like this
Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.
Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.
Published on
Security Architecture in DEVOPS
Title:
Security Architect, slayer of dragons defenders of the realms and protectors of the cybersecurity automation
Synopsis:
The talk will take the audience on a journey from the origin of the security architecture, the challenge of cloud security and the role of an architect in the dev-sec-ops world.
The talk explains the difference between traditional command and control governance and the solution to avoid starving automation and innovation with traditional security governance
We will explore:
Security Gates and why they do not always work in dev-ops
Automation how-tos:
How to deploy cybersecurity at scale
Why is important to know how to deal with people
Automation in the pipeline is the king
If time is available the talk will explore some additional lesson learned
rough length: compressed version 30 min normally 50 min or workshop format
Audience Take Away:
How to build a cybersecurity programme with architecture at the heart
how to do traditional security governance
how to mix governance and agile development as well as dev sec ops
how to extract patterns from existing design
the value of design principle patterns and why they are key to go fast.
how and when to use tools (SAST/DAST) and when to engineer
Be the first to like this
Login to see the comments