Quick and Dirty DevSecOps (Room 1K)




Many DevOps devotees have heard about security and maybe even read a few blog posts about DevSecOps. But you get busy building code, eliminating WIP, and eliminating tech debt. That doesn’t leave a lot of time to make sure the code you are actually deploying is secure. But the power of DevOps is that you can build security in once, and it’s there. And even better, you don’t have to be a security expert to be able to start deploying more secure code.

Yet, where do you start? Especially if you consider yourself a security novice. Don’t worry, we all start as novices, but it’s usually pretty helpful to get a head start by learning what’s important and having some samples to model.

In this workshop, you will learn what attackers look for first, and the best practices to make your technology stack much more secure quickly. Then you’ll get code to figure out if you are at risk and as well as scripts to make sure the issues are quickly fixed, and don’t happen again. Notes and comments

We are a KC company. Actually our office is at Plexpod, so we're kind of the home team. ;-) We're also 25+ year security folks that are focused on making the cloud and DevOps pipelines more secure. We're happy to share our knowledge.

Speaker

rich-mogull

Rich Mogull

 
VP of Product at DisruptOPS. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven ...