In this Section

Tutorial: Security Automation in DevOps

As enterprises continue to transform their IT methodology through the culture and practices known as DevOps, the need to address security concerns cannot be ignored. With data breaches continuing to make headline news, and much of the cause attributed to software vulnerabilities, the stakes are higher than ever. The market is demanding feature-rich applications, yet at the same time expecting increased security to be baked-in.

Addressing security in a fast-moving DevOps environments is essential, not just for the long-term success of your SDLC, but for the protection of your entire stack of tools and processes. Moreover, the continued expansion of cloud and the rapid release of new DevOps tools is allowing adversaries to take advantage in brand new ways.

The Security Automation in DevOps tutorial contains technical concepts and assumes a general understanding of coding, but is not specific to any language. It has been designed for security managers, engineering managers, operations staff and developers alike. We recommend also inviting operations team leads, or network and system administrators, as they’ll see the bigger picture, and learn how to better secure your production systems.

Our unique full-day tutorial covers key tactics and techniques for achieving tangible security in your DevOps environment. We cover improved application security tricks, and also the growing need to secure your entire DevOps production system across the “full stack”.

This tutorial examines ways of integrating security into DevOps environments by looking at opportunities at each stage of the development pipeline. The core focus is on automating repeatable security tasks allowing “lowhanging-fruit” issues to be remediated without human intervention. We also address the need to secure the entire stack of DevOps tools and technologies along with a practical demonstration that shows how an Amazon AWS account could be attacked. Our continual research and development of security in DevOps includes best practice security including OWASP Top 10, and Amazon AWS Best Practice to name a few.

Download our PDF to read more

SenseofSecurity_A4_Tutorial-Security-Automation-in-DevOps-1.pdf (111 downloads)