SlideShare a Scribd company logo
1 of 20
Amy Johnston, XebiaLabs
Rob Vanstone, XebiaLabs
How to Bake Compliance and Security
into Your Software Delivery Process
2
Housekeeping
▪ This webinar is being recorded
▪ Links to the slides and the recording will be
made available after the presentation
▪ You can post questions via the GoToWebinar
Control Panel
3
Meet Your Presenters
Rob VanstoneAmy Johnston
Senior Product Marketing Manager
XebiaLabs
Technical Director UK
XebiaLabs
4
Hundreds of Companies
deliver software with
XebiaLabs
XebiaLabs DevOps Platform
providing intelligence, automation and control
across the entire software delivery process
Shift to
the Cloud
Migrate to
Containers
Connect all
Pipelines
Connect
CI/CD &
ITSM
Improve
Governance
& Security
SCALE DEVOPS ACROSS THE ENTERPRISE
55
66
77
88
99
1 – Establish an immutable
chain of custody for active
and completed releases
1010
1111
2 – Integrate
automated compliance
and security testing in
the DevOps pipeline
1212
1313
3 – Shift compliance
and security
concerns left in the
software delivery
pipeline
1414
1515
4 – Visualize and
evaluate security
vulnerabilities and
IT governance
violations
1616
Demo
1717
18
How to bake security and compliance into your
software delivery process
✓ Build a chain of custody for every release
✓ Integrate automated security and compliance testing
✓ Shift security and compliance concerns left
✓ Visualize security and compliance data
1919
Questions?
Visit xebialabs.com to learn more
Thank you!

More Related Content

What's hot

Your Resolution for 2018: Five Principles For Securing DevOps
Your Resolution for 2018: Five Principles For Securing DevOpsYour Resolution for 2018: Five Principles For Securing DevOps
Your Resolution for 2018: Five Principles For Securing DevOpsDevOps.com
 
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...DevOps.com
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Continuous Delivery Agiles 2014 Medellin
Continuous Delivery Agiles 2014 MedellinContinuous Delivery Agiles 2014 Medellin
Continuous Delivery Agiles 2014 MedellinDiego Garber
 
Disconnected Pipelines: The Missing Link
Disconnected Pipelines: The Missing LinkDisconnected Pipelines: The Missing Link
Disconnected Pipelines: The Missing LinkEficode
 
Chefdevseccon2015
Chefdevseccon2015Chefdevseccon2015
Chefdevseccon2015sc0ttruss
 
Compliance as Code - Using the Open Source InSpec testing Framework
Compliance as Code - Using the Open Source InSpec testing FrameworkCompliance as Code - Using the Open Source InSpec testing Framework
Compliance as Code - Using the Open Source InSpec testing FrameworkSonatype
 
Twelve-Factor App: Software Application Architecture
Twelve-Factor App: Software Application ArchitectureTwelve-Factor App: Software Application Architecture
Twelve-Factor App: Software Application ArchitectureSigfred Balatan Jr.
 
Why source control your Oracle Database?
Why source control your Oracle Database?Why source control your Oracle Database?
Why source control your Oracle Database?Red Gate Software
 
How Optimal Alerting is Better for Cloud Environments
How Optimal Alerting is Better for Cloud EnvironmentsHow Optimal Alerting is Better for Cloud Environments
How Optimal Alerting is Better for Cloud EnvironmentsDeborah Schalm
 
Llunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security featuresLlunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security featuresKenny Buntinx
 
Introduction to dev ops
Introduction to dev opsIntroduction to dev ops
Introduction to dev opsLen Bass
 
Bro, manage test data like a pro! [QA Fest 2018]
Bro, manage test data like a pro! [QA Fest 2018]Bro, manage test data like a pro! [QA Fest 2018]
Bro, manage test data like a pro! [QA Fest 2018]Mikalai Alimenkou
 
Executing Deployment & Release Strategies
Executing Deployment & Release StrategiesExecuting Deployment & Release Strategies
Executing Deployment & Release StrategiesOpenSense Labs
 
What's New in Puppet Enterprise 2015.3
What's New in Puppet Enterprise 2015.3What's New in Puppet Enterprise 2015.3
What's New in Puppet Enterprise 2015.3Puppet
 
Perforce on Tour 2015 - Securing the Helix Platform at Citrix
Perforce on Tour 2015 - Securing the Helix Platform at CitrixPerforce on Tour 2015 - Securing the Helix Platform at Citrix
Perforce on Tour 2015 - Securing the Helix Platform at CitrixPerforce
 
Veracode Integration Adapter - Datasheet
Veracode Integration Adapter - DatasheetVeracode Integration Adapter - Datasheet
Veracode Integration Adapter - DatasheetKovair
 
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...Jules Pierre-Louis
 
Branching Strategy 2.0 - NASCAR Digital Media
Branching Strategy 2.0 - NASCAR Digital MediaBranching Strategy 2.0 - NASCAR Digital Media
Branching Strategy 2.0 - NASCAR Digital MediaJoshua Miller
 
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-BloxPerforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-BloxPerforce
 

What's hot (20)

Your Resolution for 2018: Five Principles For Securing DevOps
Your Resolution for 2018: Five Principles For Securing DevOpsYour Resolution for 2018: Five Principles For Securing DevOps
Your Resolution for 2018: Five Principles For Securing DevOps
 
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...
How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
Continuous Delivery Agiles 2014 Medellin
Continuous Delivery Agiles 2014 MedellinContinuous Delivery Agiles 2014 Medellin
Continuous Delivery Agiles 2014 Medellin
 
Disconnected Pipelines: The Missing Link
Disconnected Pipelines: The Missing LinkDisconnected Pipelines: The Missing Link
Disconnected Pipelines: The Missing Link
 
Chefdevseccon2015
Chefdevseccon2015Chefdevseccon2015
Chefdevseccon2015
 
Compliance as Code - Using the Open Source InSpec testing Framework
Compliance as Code - Using the Open Source InSpec testing FrameworkCompliance as Code - Using the Open Source InSpec testing Framework
Compliance as Code - Using the Open Source InSpec testing Framework
 
Twelve-Factor App: Software Application Architecture
Twelve-Factor App: Software Application ArchitectureTwelve-Factor App: Software Application Architecture
Twelve-Factor App: Software Application Architecture
 
Why source control your Oracle Database?
Why source control your Oracle Database?Why source control your Oracle Database?
Why source control your Oracle Database?
 
How Optimal Alerting is Better for Cloud Environments
How Optimal Alerting is Better for Cloud EnvironmentsHow Optimal Alerting is Better for Cloud Environments
How Optimal Alerting is Better for Cloud Environments
 
Llunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security featuresLlunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security features
 
Introduction to dev ops
Introduction to dev opsIntroduction to dev ops
Introduction to dev ops
 
Bro, manage test data like a pro! [QA Fest 2018]
Bro, manage test data like a pro! [QA Fest 2018]Bro, manage test data like a pro! [QA Fest 2018]
Bro, manage test data like a pro! [QA Fest 2018]
 
Executing Deployment & Release Strategies
Executing Deployment & Release StrategiesExecuting Deployment & Release Strategies
Executing Deployment & Release Strategies
 
What's New in Puppet Enterprise 2015.3
What's New in Puppet Enterprise 2015.3What's New in Puppet Enterprise 2015.3
What's New in Puppet Enterprise 2015.3
 
Perforce on Tour 2015 - Securing the Helix Platform at Citrix
Perforce on Tour 2015 - Securing the Helix Platform at CitrixPerforce on Tour 2015 - Securing the Helix Platform at Citrix
Perforce on Tour 2015 - Securing the Helix Platform at Citrix
 
Veracode Integration Adapter - Datasheet
Veracode Integration Adapter - DatasheetVeracode Integration Adapter - Datasheet
Veracode Integration Adapter - Datasheet
 
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...
Microservice Monitoring and Quality Management for Modern Apps and Infrastruc...
 
Branching Strategy 2.0 - NASCAR Digital Media
Branching Strategy 2.0 - NASCAR Digital MediaBranching Strategy 2.0 - NASCAR Digital Media
Branching Strategy 2.0 - NASCAR Digital Media
 
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-BloxPerforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
Perforce on Tour 2015 - Optimising the Developer Pipeline at U-Blox
 

Similar to Shift Left and Automate: How to Bake Compliance and Security into Your Software Delivery Process

Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CD
Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CDAvoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CD
Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CDXebiaLabs
 
Building a Bridge Between CI/CD and ITSM
Building a Bridge Between CI/CD and ITSMBuilding a Bridge Between CI/CD and ITSM
Building a Bridge Between CI/CD and ITSMXebiaLabs
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastXebiaLabs
 
Unified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsUnified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsXebiaLabs
 
Chef Workflow Demo
Chef Workflow DemoChef Workflow Demo
Chef Workflow DemoChef
 
IP Expo Nordic: Successful Practices for Continuous Delivery
IP Expo Nordic: Successful Practices for Continuous DeliveryIP Expo Nordic: Successful Practices for Continuous Delivery
IP Expo Nordic: Successful Practices for Continuous DeliveryMandi Walls
 
Successful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPHSuccessful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPHMandi Walls
 
Strong practices for rails applications continuous delivery
Strong practices for rails applications continuous deliveryStrong practices for rails applications continuous delivery
Strong practices for rails applications continuous deliveryRobb Kidd
 
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Emerasoft, solutions to collaborate
 
Leveraging Analytics for DevOps
Leveraging Analytics for DevOpsLeveraging Analytics for DevOps
Leveraging Analytics for DevOpsMichael Floyd
 
Webinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseWebinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseDBmaestro - Database DevOps
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOpsYou Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOpsDevOps.com
 
Unified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsUnified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsCompuware
 
Transforming Organizations with CI/CD
Transforming Organizations with CI/CDTransforming Organizations with CI/CD
Transforming Organizations with CI/CDCprime
 
Datatree.io Webinar: Continuous Integration & Delivery for Agile Teams
Datatree.io Webinar: Continuous Integration & Delivery for Agile TeamsDatatree.io Webinar: Continuous Integration & Delivery for Agile Teams
Datatree.io Webinar: Continuous Integration & Delivery for Agile TeamsTara Walker
 
DTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionDTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionSanjeev Sharma
 
Continuous delivery best practices and essential tools
Continuous delivery best practices and essential toolsContinuous delivery best practices and essential tools
Continuous delivery best practices and essential toolsDBmaestro - Database DevOps
 
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...Bitnami
 

Similar to Shift Left and Automate: How to Bake Compliance and Security into Your Software Delivery Process (20)

Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CD
Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CDAvoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CD
Avoid Troubled Waters: Building a Bridge Between ServiceNow and CI/CD
 
Building a Bridge Between CI/CD and ITSM
Building a Bridge Between CI/CD and ITSMBuilding a Bridge Between CI/CD and ITSM
Building a Bridge Between CI/CD and ITSM
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the Past
 
Unified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsUnified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOps
 
Chef Workflow Demo
Chef Workflow DemoChef Workflow Demo
Chef Workflow Demo
 
IP Expo Nordic: Successful Practices for Continuous Delivery
IP Expo Nordic: Successful Practices for Continuous DeliveryIP Expo Nordic: Successful Practices for Continuous Delivery
IP Expo Nordic: Successful Practices for Continuous Delivery
 
Successful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPHSuccessful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPH
 
Strong practices for rails applications continuous delivery
Strong practices for rails applications continuous deliveryStrong practices for rails applications continuous delivery
Strong practices for rails applications continuous delivery
 
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
 
Leveraging Analytics for DevOps
Leveraging Analytics for DevOpsLeveraging Analytics for DevOps
Leveraging Analytics for DevOps
 
Webinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseWebinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterprise
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks
 
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOpsYou Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
 
Unified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOpsUnified Deployment: Including the Mainframe in Enterprise DevOps
Unified Deployment: Including the Mainframe in Enterprise DevOps
 
Transforming Organizations with CI/CD
Transforming Organizations with CI/CDTransforming Organizations with CI/CD
Transforming Organizations with CI/CD
 
Datatree.io Webinar: Continuous Integration & Delivery for Agile Teams
Datatree.io Webinar: Continuous Integration & Delivery for Agile TeamsDatatree.io Webinar: Continuous Integration & Delivery for Agile Teams
Datatree.io Webinar: Continuous Integration & Delivery for Agile Teams
 
DTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionDTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect Session
 
Api gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceApi gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a service
 
Continuous delivery best practices and essential tools
Continuous delivery best practices and essential toolsContinuous delivery best practices and essential tools
Continuous delivery best practices and essential tools
 
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...
 

More from XebiaLabs

Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessXebiaLabs
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsXebiaLabs
 
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...Accelerate Your Digital Transformation: How to Achieve Business Agility with ...
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...XebiaLabs
 
Don't Let Technology Slow Down Your Digital Transformation
Don't Let Technology Slow Down Your Digital Transformation Don't Let Technology Slow Down Your Digital Transformation
Don't Let Technology Slow Down Your Digital Transformation XebiaLabs
 
Deliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementDeliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementXebiaLabs
 
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...XebiaLabs
 
XebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs
 
From Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsFrom Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsXebiaLabs
 
Supercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformSupercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformXebiaLabs
 
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyBuild a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyXebiaLabs
 
Is Your DevOps Ready for the Cloud?
Is Your DevOps Ready for the Cloud?Is Your DevOps Ready for the Cloud?
Is Your DevOps Ready for the Cloud?XebiaLabs
 
Compliance und Sicherheit im Rahmen von Software-Deployments
Compliance und Sicherheit im Rahmen von Software-DeploymentsCompliance und Sicherheit im Rahmen von Software-Deployments
Compliance und Sicherheit im Rahmen von Software-DeploymentsXebiaLabs
 
All Roads Lead to DevOps
All Roads Lead to DevOpsAll Roads Lead to DevOps
All Roads Lead to DevOpsXebiaLabs
 
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid Deployments
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid DeploymentsReaching Cloud Utopia: How to Create a Single Pipeline for Hybrid Deployments
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid DeploymentsXebiaLabs
 
2019 DevOps Predictions
2019 DevOps Predictions2019 DevOps Predictions
2019 DevOps PredictionsXebiaLabs
 
DevOps Hits Adolescence – what’s next?
DevOps Hits Adolescence – what’s next?DevOps Hits Adolescence – what’s next?
DevOps Hits Adolescence – what’s next?XebiaLabs
 
Accelerate DevOps Transformation with App Migration to the Cloud
Accelerate DevOps Transformation with App Migration to the CloudAccelerate DevOps Transformation with App Migration to the Cloud
Accelerate DevOps Transformation with App Migration to the CloudXebiaLabs
 
The Accelerate State of DevOps Report
The Accelerate State of DevOps ReportThe Accelerate State of DevOps Report
The Accelerate State of DevOps ReportXebiaLabs
 
Container Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseContainer Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseXebiaLabs
 
Winning at Culture
Winning at CultureWinning at Culture
Winning at CultureXebiaLabs
 

More from XebiaLabs (20)

Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation Success
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale Organizations
 
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...Accelerate Your Digital Transformation: How to Achieve Business Agility with ...
Accelerate Your Digital Transformation: How to Achieve Business Agility with ...
 
Don't Let Technology Slow Down Your Digital Transformation
Don't Let Technology Slow Down Your Digital Transformation Don't Let Technology Slow Down Your Digital Transformation
Don't Let Technology Slow Down Your Digital Transformation
 
Deliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementDeliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream Management
 
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
 
XebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene Kim
 
From Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsFrom Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOps
 
Supercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformSupercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps Platform
 
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyBuild a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
 
Is Your DevOps Ready for the Cloud?
Is Your DevOps Ready for the Cloud?Is Your DevOps Ready for the Cloud?
Is Your DevOps Ready for the Cloud?
 
Compliance und Sicherheit im Rahmen von Software-Deployments
Compliance und Sicherheit im Rahmen von Software-DeploymentsCompliance und Sicherheit im Rahmen von Software-Deployments
Compliance und Sicherheit im Rahmen von Software-Deployments
 
All Roads Lead to DevOps
All Roads Lead to DevOpsAll Roads Lead to DevOps
All Roads Lead to DevOps
 
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid Deployments
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid DeploymentsReaching Cloud Utopia: How to Create a Single Pipeline for Hybrid Deployments
Reaching Cloud Utopia: How to Create a Single Pipeline for Hybrid Deployments
 
2019 DevOps Predictions
2019 DevOps Predictions2019 DevOps Predictions
2019 DevOps Predictions
 
DevOps Hits Adolescence – what’s next?
DevOps Hits Adolescence – what’s next?DevOps Hits Adolescence – what’s next?
DevOps Hits Adolescence – what’s next?
 
Accelerate DevOps Transformation with App Migration to the Cloud
Accelerate DevOps Transformation with App Migration to the CloudAccelerate DevOps Transformation with App Migration to the Cloud
Accelerate DevOps Transformation with App Migration to the Cloud
 
The Accelerate State of DevOps Report
The Accelerate State of DevOps ReportThe Accelerate State of DevOps Report
The Accelerate State of DevOps Report
 
Container Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseContainer Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container Paradise
 
Winning at Culture
Winning at CultureWinning at Culture
Winning at Culture
 

Recently uploaded

Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform EngineeringMarcus Vechiato
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctBrainSell Technologies
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxFIDO Alliance
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewDianaGray10
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxMarkSteadman7
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe中 央社
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxFIDO Alliance
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxFIDO Alliance
 

Recently uploaded (20)

Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 

Shift Left and Automate: How to Bake Compliance and Security into Your Software Delivery Process

  • 1. Amy Johnston, XebiaLabs Rob Vanstone, XebiaLabs How to Bake Compliance and Security into Your Software Delivery Process
  • 2. 2 Housekeeping ▪ This webinar is being recorded ▪ Links to the slides and the recording will be made available after the presentation ▪ You can post questions via the GoToWebinar Control Panel
  • 3. 3 Meet Your Presenters Rob VanstoneAmy Johnston Senior Product Marketing Manager XebiaLabs Technical Director UK XebiaLabs
  • 4. 4 Hundreds of Companies deliver software with XebiaLabs XebiaLabs DevOps Platform providing intelligence, automation and control across the entire software delivery process Shift to the Cloud Migrate to Containers Connect all Pipelines Connect CI/CD & ITSM Improve Governance & Security SCALE DEVOPS ACROSS THE ENTERPRISE
  • 5. 55
  • 6. 66
  • 7. 77
  • 8. 88
  • 9. 99 1 – Establish an immutable chain of custody for active and completed releases
  • 10. 1010
  • 11. 1111 2 – Integrate automated compliance and security testing in the DevOps pipeline
  • 12. 1212
  • 13. 1313 3 – Shift compliance and security concerns left in the software delivery pipeline
  • 14. 1414
  • 15. 1515 4 – Visualize and evaluate security vulnerabilities and IT governance violations
  • 17. 1717
  • 18. 18 How to bake security and compliance into your software delivery process ✓ Build a chain of custody for every release ✓ Integrate automated security and compliance testing ✓ Shift security and compliance concerns left ✓ Visualize security and compliance data
  • 20. Visit xebialabs.com to learn more Thank you!