SlideShare a Scribd company logo

Software Security For DevOps And Continuous Deployment In The Cloud

Download as PPTX, PDF
InterCon
InterCon

A session by Thomas R. Truitt, President, Open Systems Technologies Corporation on the topic of 'Software Security For DevOps And Continuous Deployment In The Cloud' at InterCon USA 2019, held at Caesars Palace, Las Vegas on 18-20 June, 2019.

Internet
1 of 10
InterCon Vegas 2019 InterCon Vegas 2019 KEYNOTE SESSION IV: SOFTWARE SECURITY FOR DEVOPS AND CONTINUOUS DEPLOYMENT IN THE CLOUD SPEAKER: THOMAS R. TRUITT FOUNDER/PRESIDENT/CEO 19 JUNE 2019
2 InterCon Vegas 2019 InterCon Vegas 2019 Background of Speaker • Involved in Systems / Software Development for Large Scale Systems Since 1990 • Educated as Electrical Engineer at Virginia Tech in Blacksburg, Virginia. Studied Digital Signal Processing at Johns Hopkins University in Laurel, Maryland. • Works with large government and Fortune 500 organizations on building Enterprise Level software development “best- practices” to promote the use of Open Source software • Most recent focus is migrating from on-premise to cloud solutions using public/private clouds such as AWS, Azure, Google, and RedHat/OpenShift Container Platform
3 InterCon Vegas 2019 InterCon Vegas 2019 History of Security in Software Development • Coding 101 Security and the emergence of open source security standards • For more information review (OWASP) at https://www.owasp.org/
4 InterCon Vegas 2019 InterCon Vegas 2019 The Need for Software Security • Insider and External Threats • Authentication [Basic, Federation, Multi-Factor, Bio-Security] • Authorization [Attribute Based Access Control (ABAC), Role Based Access Control (RBAC)]
5 InterCon Vegas 2019 InterCon Vegas 2019 Security Breach Examples • Breach From Internet: – Office of Personnel Management (OPM) Security Breach Affecting Millions • Insider Security Breach: – Federal Bureau of Investigation (FBI) - Robert Hanssen – America Online Insider Threat • Visit List of Breaches at: https://en.wikipedia.org/wiki/List_of_data_breaches
6 InterCon Vegas 2019 InterCon Vegas 2019 Security – In the Beginning • On-Premise Security – Agile – Open Source – Patching – Log Monitoring/Analysis, SIEM Tools – Application Performance Management (APM) – Network Device Monitoring – Release/Build Process – Continuous Integration
7 InterCon Vegas 2019 InterCon Vegas 2019 Security – Today and Beyond • Continuous Deployment/Continuous Integration – DevOps, DevSecOps • Modern Software Tools – Maven, – GIT, – Atlassian Suite, – Jenkins, – Code Quality, – Puppet, – Chef • Security Standards (FedRAMP, FISMA, FIPS, PKI)
8 InterCon Vegas 2019 InterCon Vegas 2019 Challenges In the Cloud • Cross Domain Security • Single-Sign-On • Continuous Software Updates
9 InterCon Vegas 2019 InterCon Vegas 2019 Looking Forward: Cloud Computing Security • Cloud Computing to be more Security Provider Agnostic regardless of Cloud Server Provider • Example of Moving Security to the Cloud Edge with Akamai
10 InterCon Vegas 2019 InterCon Vegas 2019 Question and Answers • Speaker Contact Information – Thomas R. Truitt – 301-305-3116 cell – tom@ostcorp.net – http://www.ostcorp.net

Recommended

Cyberterrorism final
Cyberterrorism finalCyberterrorism final
Cyberterrorism finalsudheerreddy59
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenSegun Ebenezer Olaniyan
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Knowledge Group
 
Cyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_FahadCyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_Fahadaliuet
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityDistil Networks
 
Ransomware ly
Ransomware lyRansomware ly
Ransomware lyLisa Young
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 

Recommended

Cyberterrorism final
Cyberterrorism finalCyberterrorism final
Cyberterrorism finalsudheerreddy59
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenSegun Ebenezer Olaniyan
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Knowledge Group
 
Cyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_FahadCyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_Fahadaliuet
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityDistil Networks
 
Ransomware ly
Ransomware lyRansomware ly
Ransomware lyLisa Young
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 
Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects HelpNetwork Simulation Tools
 
Covid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsCovid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsArun Kannoth
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityrahulbhardwaj312501
 
CybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINTCybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINTAimee Shuck
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-securityStephen Cobb
 
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...Outpost24
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security EngineeringMd. Hasan Basri (Angel)
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorismDharani Adusumalli
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...XEventsHospitality
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismBalvant Biradar
 
Mobile security
Mobile securityMobile security
Mobile securityCyberoamAcademy
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityADGP, Public Grivences, Bangalore
 
Cyber Security and the National Central Banks
Cyber Security and the National Central BanksCyber Security and the National Central Banks
Cyber Security and the National Central BanksCommunity Protection Forum
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesWAJAHAT IQBAL
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentHamilton Turner
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the CloudGGV Capital
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismHiren Selani
 
ICANN Security, Stability and Resiliency Plans & Framework
ICANN Security, Stability and Resiliency Plans & Framework ICANN Security, Stability and Resiliency Plans & Framework
ICANN Security, Stability and Resiliency Plans & Framework Bangladesh Network Operators Group
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetuppbink
 
RVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene PresentationRVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene PresentationBlack Duck by Synopsys
 

More Related Content

What's hot

Covid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsCovid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsArun Kannoth
 
CybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINTCybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINTAimee Shuck
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-securityStephen Cobb
 
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...Outpost24
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...XEventsHospitality
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesWAJAHAT IQBAL
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentHamilton Turner
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the CloudGGV Capital
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 

What's hot (20)

Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects Help
 
Covid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsCovid 19, How A Pandemic Situation Shapes Cyber Threats
Covid 19, How A Pandemic Situation Shapes Cyber Threats
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
CybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINTCybersecurityTFReport2016 PRINT
CybersecurityTFReport2016 PRINT
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security Engineering
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorism
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Mobile security
Mobile securityMobile security
Mobile security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security and the National Central Banks
Cyber Security and the National Central BanksCyber Security and the National Central Banks
Cyber Security and the National Central Banks
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
ICANN Security, Stability and Resiliency Plans & Framework
ICANN Security, Stability and Resiliency Plans & Framework ICANN Security, Stability and Resiliency Plans & Framework
ICANN Security, Stability and Resiliency Plans & Framework
 

Similar to Software Security For DevOps And Continuous Deployment In The Cloud

Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetuppbink
 
RVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene PresentationRVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene PresentationBlack Duck by Synopsys
 
Security in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsSecurity in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsTim Mackey
 
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxDISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxmahendrarm2112
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Managementipspat
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsAlan Kan
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management ProcessBill Ross
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliveryTim Mackey
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliveryBlack Duck by Synopsys
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp
 
The evolving threat in the face of increased connectivity
The evolving threat in the face of increased connectivityThe evolving threat in the face of increased connectivity
The evolving threat in the face of increased connectivityAPNIC
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityfrcarlson
 
Breached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseBreached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseResilient Systems
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveAvinantaTarigan
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Securitysudip pudasaini
 

Similar to Software Security For DevOps And Continuous Deployment In The Cloud (20)

Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
 
RVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene PresentationRVAsec Bill Weinberg Open Source Hygiene Presentation
RVAsec Bill Weinberg Open Source Hygiene Presentation
 
Security in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsSecurity in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptions
 
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxDISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management Process
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous delivery
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous delivery
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
ITCamp 2018 - Tobiasz Koprowski - SECDEV(OPS). How to Brace Your IT Security.
 
The evolving threat in the face of increased connectivity
The evolving threat in the face of increased connectivityThe evolving threat in the face of increased connectivity
The evolving threat in the face of increased connectivity
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Breached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseBreached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident Response
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User Perspective
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 

More from InterCon

Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...
Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...
Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...InterCon
 
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...InterCon
 
Transitioning Your Business Model - From Services To Subscriptions: Presented...
Transitioning Your Business Model - From Services To Subscriptions: Presented...Transitioning Your Business Model - From Services To Subscriptions: Presented...
Transitioning Your Business Model - From Services To Subscriptions: Presented...InterCon
 
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...InterCon
 
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...InterCon
 
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...InterCon
 
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...InterCon
 
5G Technology - The Future of Internet
5G Technology - The Future of Internet5G Technology - The Future of Internet
5G Technology - The Future of InternetInterCon
 
Transitioning Your Business Model - From Services To SaaS
Transitioning Your Business Model - From Services To SaaSTransitioning Your Business Model - From Services To SaaS
Transitioning Your Business Model - From Services To SaaSInterCon
 
ML Will Redesign, Not Replace, Jobs
ML Will Redesign, Not Replace, JobsML Will Redesign, Not Replace, Jobs
ML Will Redesign, Not Replace, JobsInterCon
 
Blockchain Applications Transforming Society
Blockchain Applications Transforming SocietyBlockchain Applications Transforming Society
Blockchain Applications Transforming SocietyInterCon
 
How Are AI And ML Transforming Decision Making?
How Are AI And ML Transforming Decision Making?How Are AI And ML Transforming Decision Making?
How Are AI And ML Transforming Decision Making?InterCon
 
Boosting App Installs
Boosting App InstallsBoosting App Installs
Boosting App InstallsInterCon
 
Blockchain, Smart Contracts & IoT
Blockchain, Smart Contracts & IoTBlockchain, Smart Contracts & IoT
Blockchain, Smart Contracts & IoTInterCon
 
Deep Reinforcement Leaning In Machine Learning
Deep Reinforcement Leaning In Machine LearningDeep Reinforcement Leaning In Machine Learning
Deep Reinforcement Leaning In Machine LearningInterCon
 
Phishing Attacks and Trends in Cloud Computing
Phishing Attacks and Trends in Cloud ComputingPhishing Attacks and Trends in Cloud Computing
Phishing Attacks and Trends in Cloud ComputingInterCon
 
IoT - Understanding The Shift To Edge Computing
IoT - Understanding The Shift To Edge ComputingIoT - Understanding The Shift To Edge Computing
IoT - Understanding The Shift To Edge ComputingInterCon
 
IoT Data - Like No Data We have Ever Seen
IoT Data - Like No Data We have Ever SeenIoT Data - Like No Data We have Ever Seen
IoT Data - Like No Data We have Ever SeenInterCon
 

More from InterCon (18)

Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...
Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...
Getting Started With IoT – Guidebook: Presented by Anu Taksali, CEO of Dhanuk...
 
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...
Cross Border Blockchain Equity/Capital Market Services And Compliance: Presen...
 
Transitioning Your Business Model - From Services To Subscriptions: Presented...
Transitioning Your Business Model - From Services To Subscriptions: Presented...Transitioning Your Business Model - From Services To Subscriptions: Presented...
Transitioning Your Business Model - From Services To Subscriptions: Presented...
 
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...
IoT Now And In The Future: Presented by Niroshan Madampitige, Head of Deliver...
 
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...
Data is the New Oil: Presented By Naveen Narayanan, Global Client Partner of ...
 
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...
Can Blockchain Disrupt Or Even Destroy The Cloud? : Presented by Suhas Patil,...
 
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...
E-Commerce Automation: Presented by Siddhartha Choudhary, Co-Founder & CEO of...
 
5G Technology - The Future of Internet
5G Technology - The Future of Internet5G Technology - The Future of Internet
5G Technology - The Future of Internet
 
Transitioning Your Business Model - From Services To SaaS
Transitioning Your Business Model - From Services To SaaSTransitioning Your Business Model - From Services To SaaS
Transitioning Your Business Model - From Services To SaaS
 
ML Will Redesign, Not Replace, Jobs
ML Will Redesign, Not Replace, JobsML Will Redesign, Not Replace, Jobs
ML Will Redesign, Not Replace, Jobs
 
Blockchain Applications Transforming Society
Blockchain Applications Transforming SocietyBlockchain Applications Transforming Society
Blockchain Applications Transforming Society
 
How Are AI And ML Transforming Decision Making?
How Are AI And ML Transforming Decision Making?How Are AI And ML Transforming Decision Making?
How Are AI And ML Transforming Decision Making?
 
Boosting App Installs
Boosting App InstallsBoosting App Installs
Boosting App Installs
 
Blockchain, Smart Contracts & IoT
Blockchain, Smart Contracts & IoTBlockchain, Smart Contracts & IoT
Blockchain, Smart Contracts & IoT
 
Deep Reinforcement Leaning In Machine Learning
Deep Reinforcement Leaning In Machine LearningDeep Reinforcement Leaning In Machine Learning
Deep Reinforcement Leaning In Machine Learning
 
Phishing Attacks and Trends in Cloud Computing
Phishing Attacks and Trends in Cloud ComputingPhishing Attacks and Trends in Cloud Computing
Phishing Attacks and Trends in Cloud Computing
 
IoT - Understanding The Shift To Edge Computing
IoT - Understanding The Shift To Edge ComputingIoT - Understanding The Shift To Edge Computing
IoT - Understanding The Shift To Edge Computing
 
IoT Data - Like No Data We have Ever Seen
IoT Data - Like No Data We have Ever SeenIoT Data - Like No Data We have Ever Seen
IoT Data - Like No Data We have Ever Seen
 

Recently uploaded

Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
SEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistSEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistKHM Anwar
 

Recently uploaded (20)

Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
SEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistSEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization Specialist
 

Software Security For DevOps And Continuous Deployment In The Cloud

  • 1. InterCon Vegas 2019 InterCon Vegas 2019 KEYNOTE SESSION IV: SOFTWARE SECURITY FOR DEVOPS AND CONTINUOUS DEPLOYMENT IN THE CLOUD SPEAKER: THOMAS R. TRUITT FOUNDER/PRESIDENT/CEO 19 JUNE 2019
  • 2. 2 InterCon Vegas 2019 InterCon Vegas 2019 Background of Speaker • Involved in Systems / Software Development for Large Scale Systems Since 1990 • Educated as Electrical Engineer at Virginia Tech in Blacksburg, Virginia. Studied Digital Signal Processing at Johns Hopkins University in Laurel, Maryland. • Works with large government and Fortune 500 organizations on building Enterprise Level software development “best- practices” to promote the use of Open Source software • Most recent focus is migrating from on-premise to cloud solutions using public/private clouds such as AWS, Azure, Google, and RedHat/OpenShift Container Platform
  • 3. 3 InterCon Vegas 2019 InterCon Vegas 2019 History of Security in Software Development • Coding 101 Security and the emergence of open source security standards • For more information review (OWASP) at https://www.owasp.org/
  • 4. 4 InterCon Vegas 2019 InterCon Vegas 2019 The Need for Software Security • Insider and External Threats • Authentication [Basic, Federation, Multi-Factor, Bio-Security] • Authorization [Attribute Based Access Control (ABAC), Role Based Access Control (RBAC)]
  • 5. 5 InterCon Vegas 2019 InterCon Vegas 2019 Security Breach Examples • Breach From Internet: – Office of Personnel Management (OPM) Security Breach Affecting Millions • Insider Security Breach: – Federal Bureau of Investigation (FBI) - Robert Hanssen – America Online Insider Threat • Visit List of Breaches at: https://en.wikipedia.org/wiki/List_of_data_breaches
  • 6. 6 InterCon Vegas 2019 InterCon Vegas 2019 Security – In the Beginning • On-Premise Security – Agile – Open Source – Patching – Log Monitoring/Analysis, SIEM Tools – Application Performance Management (APM) – Network Device Monitoring – Release/Build Process – Continuous Integration
  • 7. 7 InterCon Vegas 2019 InterCon Vegas 2019 Security – Today and Beyond • Continuous Deployment/Continuous Integration – DevOps, DevSecOps • Modern Software Tools – Maven, – GIT, – Atlassian Suite, – Jenkins, – Code Quality, – Puppet, – Chef • Security Standards (FedRAMP, FISMA, FIPS, PKI)
  • 8. 8 InterCon Vegas 2019 InterCon Vegas 2019 Challenges In the Cloud • Cross Domain Security • Single-Sign-On • Continuous Software Updates
  • 9. 9 InterCon Vegas 2019 InterCon Vegas 2019 Looking Forward: Cloud Computing Security • Cloud Computing to be more Security Provider Agnostic regardless of Cloud Server Provider • Example of Moving Security to the Cloud Edge with Akamai
  • 10. 10 InterCon Vegas 2019 InterCon Vegas 2019 Question and Answers • Speaker Contact Information – Thomas R. Truitt – 301-305-3116 cell – tom@ostcorp.net – http://www.ostcorp.net