Government Agencies and Commercial Organizations are rapidly adopting devops and cloud services. The advent of readily available automation services are transforming the way we respond to security and systems events at scale. As developers accelerate the pace and frequency of code deployments, the security and compliance teams must constantly play catch-up. The use of DevSecOps methodologies and technologies can help integrate security and compliance functions into the Continuous Integration/Continuous Delivery (CI/CD) pipeline. The combination of DevSecOps when supplemented by management best practices can yield optimal results to help organizations detect and respond to incidents faster.
The talk will cover the following topics -
This talk will focus on practical examples to help create awareness of emerging practices and relevance of industry security standards such as NIST, OWASP, CIS and how they should be part of the DevOps pipeline.