Early on in the "cloud," Werner Vogels made his famous quote "You Build It, You Run It". With DevOps we learned that this became a mantra for shared responsibility between developers and operations. Operations learned how to process infrastructure as code and participate early in the supply chain of a service's life cycle. Developers learned that they had responsibilities to enable and in some cases operationalize their service. Now there is a new movement to include and collaborate in a similar way with Security. This is all part of an "everything" shift left ideal. Developers and operations are taught the importance of including security in the stories and all parts of the delivery pipeline including security gates as well as code test gates. Listen in on this session featuring DevSecOps expert, John Willis, as he goes through an introduction to DevSecOps. We discuss: Why traditional DevOps has shifted and what this shift means How DevSecOps can change the game for your team Tips and tricks for getting DevSecOps started within your organization About the Speaker: John Willis is VP of DevOps and Digital Practices at SJ Technologies. Prior to SJ Technologies he was the Director of Ecosystem Development for Docker, which he joined after the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired by Docker in March 2015. Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is co-author of the “DevOps Handbook” and the upcoming Beyond the Phoenix Project.
Agility is the cornerstone of the DevOps movement. Developers are working to continuously integrate and deploy (CI/CD) code to the cloud to ensure applications are seamlessly updated and current. But what about ensuring they are secure? Security best practices and compliance are now the responsibility of everyone in the development lifecycle, and continuous security is a critical component of the ongoing deployment process. The challenge is that not everyone knows how to integrate these two camps in a seamless and successful manner. Listen in on this session for an interactive webinar featuring George Gerchow, VP of Security and Compliance at Sumo Logic and DevSecOps evangelist, to discover how to: Incorporate fundamental and high impact security best practices into your current DevOps operations Gain visibility into your compliance posture Identify potential risks and threats in your environments