2. #WhoAmI
• 20+ Years in Software
Development and Delivery
• IBM’s Client-facing CTO for
DevOps
• Author: DevOps For
Dummies -
http://ibm.co/devopsfordum
mies
• Write DevOps and Cloud
Adoption Blog:
http://bit.ly/sdarchitect
8. Three (Two) Dimensions of
Security
8
1. Secure the Perimeter
2. Secure the Delivery Pipeline
3. Secure the Deliverable
http://www.ibm.com/developerworks/library/d-security-
considerations-devops-adoption/
12. Risks and Vulnerabilities - Delivery
Pipeline and Deliverables
12
1. Vulnerabilities related to the supply chain
2. Insider attacks
3. Errors and mistakes in the development project
4. Weaknesses in the design, code, and integration
5. API Economy and Security
http://www.ibm.com/developerworks/library/d-security-
considerations-devops-adoption/
15. Errors and mistakes in the
development project
15
1 per min 1 per min
4 per min 1 per min
4 per min 4 per min
• Reduced Batch size
• Continuous Validation:
– Continuous Security Testing
– Testing small batches in
every Sprint
• Antifragile Systems
– Servers are ‘cattle’ not
‘pets’
– MTBF vs MTTR