RECORDED May 15th, 2018
RSA Encore: The Emergent Cloud Security Toolchain for CI/CD
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler.
This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.Learning Objectives:
- Learn the emerging patterns for security in CI/CD pipelines.
- Receive a pragmatic security toolchain for CI/CD to use in your organization.
- Understand what the real meaning of DevSecOps is without all the hype.
About the Presenter: James Wickett
James spends a lot of time at the intersection of the DevOps and Security communities. He works as Head of Research at Signal Sciences and is a supporter of the Rugged Software and Rugged DevOps movements. Seeing the gap in software testing, James founded an open source project, Gauntlt, to serve as a Rugged Testing Framework. He is the author of DevOps Fundamentals, Infrastructure Automation, both DevOps core courses available on Lynda.com and LinkedIn Learning.
He got his start in technology when he founded a startup as a student at University of Oklahoma and since then has worked in environments ranging from large, web-scale enterprises to small, rapid-growth startups. He is a dynamic speaker on topics in DevOps, InfoSec, cloud security, security testing, Rugged DevOps and serverless.
James is the creator and founder of the Lonestar Application Security Conference which is the largest annual security conference in Austin, TX. He also runs DevOps Days Austin and is on the global DevOps Days board. He also holds several security certifications including CISSP and GWAPT.
In his spare time he is trying to learn how to make a perfect BBQ brisket.