SlideShare a Scribd company logo

DevOps for Defenders in the Enterprise

James Wickett
James Wickett

DevOps for Defenders from SecCon 2014. Geared towards security engineers in the enterprise.

Technology
1 of 141
Download to read offline
DevOps for Defenders Ruggedizing the Pipeline
James Wickett james@wickett.me Austin, TX Rugged Dev Podcast Gauntlt Core Team DevOps Days Austin Organizer DevOps Days Global Organizer
My Journey Clouding since 2008 and DevOpsing since 2010! Led National Instruments R&D Cloud Ops team IoT and Cloud products at Mentor Graphics Working at Signal Sciences Corp
We’re making AppSec effective and practical signalsciences.com
Conclusions We optimize for the perceived probable Agile, DevOps and Continuous Delivery practices have approached this problem in different ways InfoSec is behind but has a chance to add value Integrating into the build pipeline wins
Humans optimize for the probable
We optimize for the probable
Happy Path Engineering
We optimize for the possible
Over Engineering
We optimize for the perceived probable
How do we perceive what is probable?
How do we know anything?
Epistemological Problem of Software Development
We attempt to solve it by gathering data or rhetoric
Approaches to solve perceived probable problem
Arc 1: Agile
Agile discovered we don’t know what we are building
Solution: release features to customers rapidly
Just Ship It!
Behavior Driven Development is a second-generation, outside–in, pull-based, multiple-stakeholder, multiple-scale, high-automation, agile methodology. It describes a cycle of interactions with well-defined outputs, resulting in the delivery of working, tested software that matters. Dan North , 2009
Agile Summary Rapid Iterations Win
Agile eventually births DevOps
Arc 2: DevOps
Agile Infrastructure @littleidea @patrickdebois at Velocity 2009 http://itrevolution.com/the-history-of-devops/
http://www.slideshare.net/jallspaw/10-deploys-per-day-dev-and-ops-cooperation-at-flickr
First DevOps Days, Ghent 2009 @patrickdebois
DevOps is a community movement
http://dev2ops.org/blog/2010/2/22/what-is-devops.html
DevOps realized that Ops doesn't know what Devs know and vice versa
DevOps is an epistemological breakthrough joining disparate people around a common problem
Culture
Traditional Dev to Ops Ratio Dev : Ops 10 : 1
“That the word #devops gets reduced to technology is a manifestation of how badly we need a cultural shift” - @patrickdebois http://www.slideshare.net/cm6051/london-devops-31-5-years-of-devops
Culture is the most important aspect to DevOps succeeding in the enterprise
What we value determines our culture
Culture affects
Mutual Understanding Shared Language Openness Visualization Tooling
http://puppetlabs.com/sites/default/files/2014-state-of-devops-report.pdf
the first scientific study of the relationship between organizational performance, IT performance and DevOps practices
Firms with high-performing IT organizations were twice as likely to exceed their profitability, market share and productivity goals.
DevOps practices improve IT performance
Organizational culture is one of the strongest predictors of both IT performance and overall performance of the organization.
Job satisfaction is the No. 1 predictor of organizational performance.
Culture Automation Measurement Sharing @botchagalupe @damonedwards
Antipattern: Rebrand your ops team to devops team
Culture Influencers Decrease time from development to release Blameless post-mortems Reward failure and have a high emphasis on testing Unite different disciplines (like dev + ops) to solve problems http://www.slideshare.net/wickett/the-devops-way-of-delivering-results-in-the-enterprise
Automation
Antipattern: Manual config of production environment
Beware of the DevOps Software Solution
Seek automation to increase repeatability
A Sample of the Automation toolspace Chef, Puppet, Ansible, CfEngine Rundeck, Mcollective Jenkins, Travis, Kitchen Cucumber, Gauntlt, ServerSpec Vagrant, Docker
Decrease barriers to Deploy
Measurement
Old Way: CPU, Mem, Avg Load
New Way Metrics mapped to stuff you actually care about
Business Metrics Event Correlation Usage based monitoring
Sharing
Dashboards for all to see Cultural adjustment Deploy Bot
Arc 3: Continuous Delivery
DevOps Deming Style!
Manufacturing Wisdom of the 50’s and 60’s
Goldratt Deming Toyota
Black Belts Six Sigma Kanban Lean
Batch size of 1
Old Way Changes break stuff, so limit them and batch them all together
Change Control Windows Roll Backs
New Way Delivery of one change at a time reduces outages, increases performance, and limits technical debt
Anyone can deploy… You must deploy your stuff
Continuous Delivery is not merely how often you deliver but how little you can deliver at a time
The Next Arc: Security
The Next Arc: Security Rugged
“… those stupid developers” - Security person
“Security prefers a system powered off and unplugged” - Developer
Cultural unrest with security in an organization
Differing priorities
Compliance Driven Culture: PCI, SOX, …
“[risk assessment] introduces a dangerous fallacy: that structured inadequacy is almost as good as adequacy and that underfunded security efforts plus risk management are about as good as properly funded security work”
Ratio Problem Devs : Ops : Security 100 : 10 : 1
Security Tools are run out-of-band
Security tools are confusing
and when they are done they give you this lovely gem
The tide is changing
Resiliency Engineering
Netflix famously released chaos monkey
Rugged
The Rugged Manifesto
I am rugged and, more importantly, my code is rugged. I recognize that software has become a foundation of our modern world. I recognize the awesome responsibility that comes with this foundational role.
I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended. I recognize that my code will be attacked by talented and persistent adversaries who threaten our physical, economic and national security.
I recognize these things – and I choose to be rugged. I am rugged because I refuse to be a source of vulnerability or weakness. I am rugged because I assure my code will support its mission.
I am rugged because my code can face these challenges and persist in spite of them. I am rugged, not because it is easy, but because it is necessary and I am up for the challenge.
http://www.slideshare.net/wickett/putting-rugged-into-your-devops-toolchain
Dev / Ops / Sec Join forces
The Society of Rugged Developers ruggeddev.org
Rugged Journey Quality Transparency Value Creation Culture infusion
#RuggedDevOps
http://www.slideshare.net/wickett/putting-rugged-into-your-devops-toolchain
http://videos.2012.appsecusa.org/video/54250716
http://www.youtube.com/watch?v=jQblKuMuS0Y
https://speakerdeck.com/garethr/security-monitoring-penetration-testing-meets-monitoring
http://vimeo.com/75930344 https://speakerdeck.com/mkonda/appsecusa-2013-insecure-expectations
Try this at home
Add Security Tooling to Delivery Pipeline
…to influence Culture, Automation, Measurement and Sharing
Security Testing Static Code Analysis Dynamic Testing Virus Scanning Code Signing Checks Business logic/flow testing
Wouldn’t it be great if we could automate our security tests…
http://static.hothdwallpaper.net/51b8e4ee5a5ae19808.jpg
Enter Gauntlt
gauntlt.org
Gauntlt Philosophy Gauntlt comes with pre-canned steps that hook security testing tools Gauntlt does not install tools Gauntlt can be part of the CI/CD pipeline Be a good citizen of exit status and stdout/stderr MIT Open Source License
Security + Cucumber = Gauntlt
Attack Logic GIVEN WHEN THEN
Who uses Gauntlt?
arachni nmap sqlmap sslyze dirb garmr generic
sqli xss fuzzing forceful browsing info leaks heartbleed …
TLDR; Gauntlt automates security tools
TLDR; Gauntlt facilitates collaboration
more on gauntlt • Google Group > https://groups.google.com/d/ forum/gauntlt • Wiki > https://github.com/gauntlt/gauntlt/wiki • Twitter > @gauntlt • IRC > #gauntlt on freenode • Issue tracking > http://github.com/gauntlt/gauntlt
Free Gauntlt Book request a copy book@gauntlt.org Caveat Emptor: Under development! Valid until Dec 3rd
Try this at home
Fully functioning attacking pipeline
Fork this repo
https://github.com/secure-pipeline/rails-travis-example
Go through the labs in ./velocity
Conclusions We optimize for the perceived probable Agile, DevOps and Continuous Delivery practices have approached this problem in different ways InfoSec is behind but has a chance to add value Integrating into the build pipeline wins

Recommended

NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsNewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsJames Wickett
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged James Wickett
 
DevSecOps and the New Path Forward
DevSecOps and the New Path ForwardDevSecOps and the New Path Forward
DevSecOps and the New Path ForwardJames Wickett
 
Application Security Epistemology in a Continuous Delivery World
Application Security Epistemology in a Continuous Delivery WorldApplication Security Epistemology in a Continuous Delivery World
Application Security Epistemology in a Continuous Delivery WorldJames Wickett
 
The New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsThe New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsJames Wickett
 
The Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpThe Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpJames Wickett
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"Aaron Rinehart
 
Epistemological Problem of Application Security
Epistemological Problem of Application SecurityEpistemological Problem of Application Security
Epistemological Problem of Application SecurityJames Wickett
 

Recommended

NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsNewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsJames Wickett
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged James Wickett
 
DevSecOps and the New Path Forward
DevSecOps and the New Path ForwardDevSecOps and the New Path Forward
DevSecOps and the New Path ForwardJames Wickett
 
Application Security Epistemology in a Continuous Delivery World
Application Security Epistemology in a Continuous Delivery WorldApplication Security Epistemology in a Continuous Delivery World
Application Security Epistemology in a Continuous Delivery WorldJames Wickett
 
The New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsThe New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsJames Wickett
 
The Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpThe Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpJames Wickett
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"Aaron Rinehart
 
Epistemological Problem of Application Security
Epistemological Problem of Application SecurityEpistemological Problem of Application Security
Epistemological Problem of Application SecurityJames Wickett
 
Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015James Wickett
 
Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Eturnti Consulting Pvt Ltd
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldJames Wickett
 
2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns Distilled2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns DistilledGene Kim
 
2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity Conference2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity ConferenceGene Kim
 
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...Burr Sutter
 
RSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos EngineeringRSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos EngineeringAaron Rinehart
 
How Can We Better Sell DevOps?
How Can We Better Sell DevOps?How Can We Better Sell DevOps?
How Can We Better Sell DevOps?Gene Kim
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecJames Wickett
 
STARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the KeynotesSTARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the KeynotesTechWell
 
Outpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24
 
PNSQC 2021 January 28 Culture Jam
PNSQC 2021 January 28 Culture JamPNSQC 2021 January 28 Culture Jam
PNSQC 2021 January 28 Culture JamPacific Northwest Software Quality Conference
 
Leading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons LearnedLeading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons LearnedGene Kim
 
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOpsServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOpsGene Kim
 
State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019Stefan Streichsbier
 
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!Gene Kim
 
DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?Sailaja Tennati
 
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6aKim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6aGene Kim
 
PuppetConf2012GeneKim
PuppetConf2012GeneKimPuppetConf2012GeneKim
PuppetConf2012GeneKimGene Kim
 
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleOptimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleDenim Group
 
How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityJames Wickett
 
Be Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & YouBe Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & YouJames Wickett
 

More Related Content

What's hot

Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015James Wickett
 
Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Eturnti Consulting Pvt Ltd
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldJames Wickett
 
2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns Distilled2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns DistilledGene Kim
 
2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity Conference2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity ConferenceGene Kim
 
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...Burr Sutter
 
RSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos EngineeringRSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos EngineeringAaron Rinehart
 
How Can We Better Sell DevOps?
How Can We Better Sell DevOps?How Can We Better Sell DevOps?
How Can We Better Sell DevOps?Gene Kim
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecJames Wickett
 
STARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the KeynotesSTARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the KeynotesTechWell
 
Outpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24
 
Leading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons LearnedLeading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons LearnedGene Kim
 
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOpsServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOpsGene Kim
 
State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019Stefan Streichsbier
 
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!Gene Kim
 
DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?Sailaja Tennati
 
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6aKim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6aGene Kim
 
PuppetConf2012GeneKim
PuppetConf2012GeneKimPuppetConf2012GeneKim
PuppetConf2012GeneKimGene Kim
 
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleOptimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleDenim Group
 

What's hot (20)

Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015Pragmatic Security and Rugged DevOps - SXSW 2015
Pragmatic Security and Rugged DevOps - SXSW 2015
 
Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the World
 
2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns Distilled2012 Velocity London: DevOps Patterns Distilled
2012 Velocity London: DevOps Patterns Distilled
 
2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity Conference2014 State Of DevOps Findings! Velocity Conference
2014 State Of DevOps Findings! Velocity Conference
 
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
 
RSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos EngineeringRSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
RSA Conference APJ 2019 DevSecOps Days Security Chaos Engineering
 
How Can We Better Sell DevOps?
How Can We Better Sell DevOps?How Can We Better Sell DevOps?
How Can We Better Sell DevOps?
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSec
 
STARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the KeynotesSTARCANADA 2015: Lightning Strikes the Keynotes
STARCANADA 2015: Lightning Strikes the Keynotes
 
Outpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24 webinar: Turning DevOps and security into DevSecOps
 
PNSQC 2021 January 28 Culture Jam
PNSQC 2021 January 28 Culture JamPNSQC 2021 January 28 Culture Jam
PNSQC 2021 January 28 Culture Jam
 
Leading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons LearnedLeading A DevOps Transformation: Lessons Learned
Leading A DevOps Transformation: Lessons Learned
 
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOpsServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
ServiceNow ITIL at Ludicrous Speeds - Rugged DevOps
 
State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019
 
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
2013 Velocity DevOps Metrics -- It's Not Just For WebOps Any More!
 
DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?DevOps – what is it? Why? Is it real? How to do it?
DevOps – what is it? Why? Is it real? How to do it?
 
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6aKim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
Kim itSMF New England: ITIL at Ludicrous Speeds - Rugged DevOps 6a
 
PuppetConf2012GeneKim
PuppetConf2012GeneKimPuppetConf2012GeneKim
PuppetConf2012GeneKim
 
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleOptimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
 

Viewers also liked

How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityJames Wickett
 
Be Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & YouBe Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & YouJames Wickett
 
Building your All-Star DevOps Team – "Planning, Process and Partners"
Building your All-Star DevOps Team – "Planning, Process and Partners"Building your All-Star DevOps Team – "Planning, Process and Partners"
Building your All-Star DevOps Team – "Planning, Process and Partners"Dustin Collins
 
Jan de Vries - How to convince your boss that it is DevOps that he wants
Jan de Vries - How to convince your boss that it is DevOps that he wantsJan de Vries - How to convince your boss that it is DevOps that he wants
Jan de Vries - How to convince your boss that it is DevOps that he wantsAgile Lietuva
 
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew Skelton
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew SkeltonLong live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew Skelton
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew SkeltonSkelton Thatcher Consulting Ltd
 
DevOps Proverbs - DevOps Wisdom, Principles and Practices
DevOps Proverbs - DevOps Wisdom, Principles and PracticesDevOps Proverbs - DevOps Wisdom, Principles and Practices
DevOps Proverbs - DevOps Wisdom, Principles and PracticesJames Wickett
 
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for good
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for goodDevOps & the Dark Side 10 ways to convince your team DevOps is a force for good
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for goodSteve Poole
 
Serverless Security: Doing Security in 100 milliseconds
Serverless Security: Doing Security in 100 millisecondsServerless Security: Doing Security in 100 milliseconds
Serverless Security: Doing Security in 100 millisecondsJames Wickett
 
Building A devopsy Team
Building A devopsy TeamBuilding A devopsy Team
Building A devopsy TeamKris Buytaert
 
Ignite: When You Need A DevOps Team
Ignite: When You Need A DevOps TeamIgnite: When You Need A DevOps Team
Ignite: When You Need A DevOps TeamMark Rendell
 
Testing in a DevOps team
Testing in a DevOps teamTesting in a DevOps team
Testing in a DevOps teamLaurent PY
 
Shirt Ops: How to make awesome t-shirts for your conference
Shirt Ops: How to make awesome t-shirts for your conferenceShirt Ops: How to make awesome t-shirts for your conference
Shirt Ops: How to make awesome t-shirts for your conferenceJames Wickett
 
Education Disrupted: 11 Trends That Are Changing Education Forever
Education Disrupted: 11 Trends That Are Changing Education ForeverEducation Disrupted: 11 Trends That Are Changing Education Forever
Education Disrupted: 11 Trends That Are Changing Education ForeverDavidov1
 
AWilson_finalunit_12-9-13 CTI
AWilson_finalunit_12-9-13 CTIAWilson_finalunit_12-9-13 CTI
AWilson_finalunit_12-9-13 CTIAmbrosia Wilson
 
A project report on evaluation of financial performance based on ratio analy...
A project report on evaluation of financial performance based on ratio analy...A project report on evaluation of financial performance based on ratio analy...
A project report on evaluation of financial performance based on ratio analy...Babasab Patil
 
Improv Content Strategy: Doing Things the Wrong Way, the Right Way
Improv Content Strategy: Doing Things the Wrong Way, the Right WayImprov Content Strategy: Doing Things the Wrong Way, the Right Way
Improv Content Strategy: Doing Things the Wrong Way, the Right WayGeorgiana Cohen
 
Estonia and European Debt Crisis
Estonia and European Debt CrisisEstonia and European Debt Crisis
Estonia and European Debt Crisiskaido vestberg
 

Viewers also liked (20)

How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application Security
 
Be Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & YouBe Mean To Your Code: Rugged Development & You
Be Mean To Your Code: Rugged Development & You
 
Building your All-Star DevOps Team – "Planning, Process and Partners"
Building your All-Star DevOps Team – "Planning, Process and Partners"Building your All-Star DevOps Team – "Planning, Process and Partners"
Building your All-Star DevOps Team – "Planning, Process and Partners"
 
Jan de Vries - How to convince your boss that it is DevOps that he wants
Jan de Vries - How to convince your boss that it is DevOps that he wantsJan de Vries - How to convince your boss that it is DevOps that he wants
Jan de Vries - How to convince your boss that it is DevOps that he wants
 
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew Skelton
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew SkeltonLong live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew Skelton
Long live the DevOps team - LeedsDevOps - 2015-10-22 - Matthew Skelton
 
DevOps Proverbs - DevOps Wisdom, Principles and Practices
DevOps Proverbs - DevOps Wisdom, Principles and PracticesDevOps Proverbs - DevOps Wisdom, Principles and Practices
DevOps Proverbs - DevOps Wisdom, Principles and Practices
 
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for good
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for goodDevOps & the Dark Side 10 ways to convince your team DevOps is a force for good
DevOps & the Dark Side 10 ways to convince your team DevOps is a force for good
 
Serverless Security: Doing Security in 100 milliseconds
Serverless Security: Doing Security in 100 millisecondsServerless Security: Doing Security in 100 milliseconds
Serverless Security: Doing Security in 100 milliseconds
 
Building A devopsy Team
Building A devopsy TeamBuilding A devopsy Team
Building A devopsy Team
 
Ignite: When You Need A DevOps Team
Ignite: When You Need A DevOps TeamIgnite: When You Need A DevOps Team
Ignite: When You Need A DevOps Team
 
Testing in a DevOps team
Testing in a DevOps teamTesting in a DevOps team
Testing in a DevOps team
 
Why to docker
Why to dockerWhy to docker
Why to docker
 
Shirt Ops: How to make awesome t-shirts for your conference
Shirt Ops: How to make awesome t-shirts for your conferenceShirt Ops: How to make awesome t-shirts for your conference
Shirt Ops: How to make awesome t-shirts for your conference
 
Steve jobs
Steve jobsSteve jobs
Steve jobs
 
Education Disrupted: 11 Trends That Are Changing Education Forever
Education Disrupted: 11 Trends That Are Changing Education ForeverEducation Disrupted: 11 Trends That Are Changing Education Forever
Education Disrupted: 11 Trends That Are Changing Education Forever
 
AWilson_finalunit_12-9-13 CTI
AWilson_finalunit_12-9-13 CTIAWilson_finalunit_12-9-13 CTI
AWilson_finalunit_12-9-13 CTI
 
Avto0232
Avto0232Avto0232
Avto0232
 
A project report on evaluation of financial performance based on ratio analy...
A project report on evaluation of financial performance based on ratio analy...A project report on evaluation of financial performance based on ratio analy...
A project report on evaluation of financial performance based on ratio analy...
 
Improv Content Strategy: Doing Things the Wrong Way, the Right Way
Improv Content Strategy: Doing Things the Wrong Way, the Right WayImprov Content Strategy: Doing Things the Wrong Way, the Right Way
Improv Content Strategy: Doing Things the Wrong Way, the Right Way
 
Estonia and European Debt Crisis
Estonia and European Debt CrisisEstonia and European Debt Crisis
Estonia and European Debt Crisis
 

Similar to DevOps for Defenders in the Enterprise

JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"Daniel Bryant
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD PipelineJames Wickett
 
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve PooleDevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve PooleJAXLondon_Conference
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline SecurityJames Wickett
 
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...Daniel Bryant
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxlior mazor
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..Siddharth Joshi
 
Accelerate your Application Delivery with DevOps and Microservices
Accelerate your Application Delivery with DevOps and MicroservicesAccelerate your Application Delivery with DevOps and Microservices
Accelerate your Application Delivery with DevOps and MicroservicesAmazon Web Services
 
Democratizing security
Democratizing securityDemocratizing security
Democratizing securitySanjeev Sharma
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessMohammed A. Imran
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySeniorStoryteller
 
2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Deliverydevopsdaysaustin
 
Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Puppet
 
From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018Christophe Rochefolle
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or lessMohammed A. Imran
 
What_is_DevOps_how_it's_very_useful_in_daily_Life.
What_is_DevOps_how_it's_very_useful_in_daily_Life.What_is_DevOps_how_it's_very_useful_in_daily_Life.
What_is_DevOps_how_it's_very_useful_in_daily_Life.anilpmuvvala
 

Similar to DevOps for Defenders in the Enterprise (20)

JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve PooleDevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
 
What DevOps Isn't
What DevOps Isn'tWhat DevOps Isn't
What DevOps Isn't
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
 
Accelerate your Application Delivery with DevOps and Microservices
Accelerate your Application Delivery with DevOps and MicroservicesAccelerate your Application Delivery with DevOps and Microservices
Accelerate your Application Delivery with DevOps and Microservices
 
Dev{sec}ops
Dev{sec}opsDev{sec}ops
Dev{sec}ops
 
Democratizing security
Democratizing securityDemocratizing security
Democratizing security
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous Delivery
 
2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery
 
Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019
 
From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018From Duke of DevOps to Queen of Chaos - Api days 2018
From Duke of DevOps to Queen of Chaos - Api days 2018
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or less
 
What_is_DevOps_how_it's_very_useful_in_daily_Life.
What_is_DevOps_how_it's_very_useful_in_daily_Life.What_is_DevOps_how_it's_very_useful_in_daily_Life.
What_is_DevOps_how_it's_very_useful_in_daily_Life.
 

More from James Wickett

A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREJames Wickett
 
A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREJames Wickett
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessJames Wickett
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleJames Wickett
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019James Wickett
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneJames Wickett
 
Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019James Wickett
 
Release Your Inner DevSecOp
Release Your Inner DevSecOpRelease Your Inner DevSecOp
Release Your Inner DevSecOpJames Wickett
 
Security in the FaaS Lane
Security in the FaaS LaneSecurity in the FaaS Lane
Security in the FaaS LaneJames Wickett
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsJames Wickett
 
Adversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldAdversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldJames Wickett
 
The State of DevSecOps in 2018
The State of DevSecOps in 2018The State of DevSecOps in 2018
The State of DevSecOps in 2018James Wickett
 
DevSecOps in the Year 2018
DevSecOps in the Year 2018DevSecOps in the Year 2018
DevSecOps in the Year 2018James Wickett
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
 
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSecAppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSecJames Wickett
 
LambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless ApplicationLambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless ApplicationJames Wickett
 
Defense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software DevelopmentDefense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software DevelopmentJames Wickett
 
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSecInnotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSecJames Wickett
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017James Wickett
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecJames Wickett
 

More from James Wickett (20)

A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
 
A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASURE
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and Business
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and People
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS Lane
 
Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019
 
Release Your Inner DevSecOp
Release Your Inner DevSecOpRelease Your Inner DevSecOp
Release Your Inner DevSecOp
 
Security in the FaaS Lane
Security in the FaaS LaneSecurity in the FaaS Lane
Security in the FaaS Lane
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOps
 
Adversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldAdversary Driven Defense in the Real World
Adversary Driven Defense in the Real World
 
The State of DevSecOps in 2018
The State of DevSecOps in 2018The State of DevSecOps in 2018
The State of DevSecOps in 2018
 
DevSecOps in the Year 2018
DevSecOps in the Year 2018DevSecOps in the Year 2018
DevSecOps in the Year 2018
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSecAppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
 
LambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless ApplicationLambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless Application
 
Defense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software DevelopmentDefense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software Development
 
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSecInnotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSec
 

Recently uploaded

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

DevOps for Defenders in the Enterprise