Quick and Dirty DevSecOps

Many DevOps devotees have heard about security and maybe even read a few blog posts about DevSecOps. But you get busy building code, reducing WIP, and eliminating tech debt. That doesn’t leave a lot of time to make sure the code you are actually deploying is secure. But the power of DevOps is that you can build security in once, and it’s there. And even better, you don’t have to be a security expert to be able to start deploying more secure code.

Yet, where do you start? Especially if you consider yourself a security novice. Don’t worry, we all start as novices, but it’s usually pretty helpful to get a head start by learning what’s important and having some samples to model.

In this talk, you will learn what attackers look for first, and the best practices to make your technology stack much more secure quickly. Then we’ll go through some techniques to figure out if you are at risk and point to some scripts and open source tools to make sure the issues are quickly fixed and don’t happen again.

Why reinvent the wheel when you can get a quick and dirty tutorial on making your DevOps environment more secure?



Mike Rothman

Mike Rothman is a 25-year security veteran, specializing in protecting networks and endpoints, security management, compliance, and helping clients navigate a secure evolution to the cloud. He teaches ...