In a cloud-native world, the “shift left” mindset for security teams is not just about technology, but also about culture. This talk will meld the two topics, bringing together core cloud-native security concepts such as the “Three Rs” of security with the cultural changes needed to achieve the outcomes the security teams are striving for as their partners in software development and operations implement XP/agile, SRE and other cloud native concepts. The talk will touch on topics including: Shift to cloud-native patterns including containers and functions Speed of development and the associated shift to XP/agile and DevOps/SRE methods The impacts these shifts are having on security teams The need for smart, effective automation, with solutions such as ephemeral systems and immutable infrastructure as core enablers Automated repaving as a path to effective 100% successful patching Embedding security in application development and DevOps teams as a full partner, not a “control” function

Field CISO, Pivotal Software

Steve White is a Field CISO for Pivotal where he helps organizations envision and implement new ways of integrating security into the software development, deployment, and