2020 New York Virtual Super Symposium
DevSecOps & Advancing Cloud Security

#IANSNY #IANSEvents

Wednesday, June 24, 2020 | 10:00 AM - 12:30 PM
Web Conference, New York, NY

Select a track to see more information:


with Tanya Janca

This talk will argue that DevOps could be the best thing to happen to application security since OWASP -- if developers and operations teams are enabled to make security a part of their everyday work.

With a ratio of 100/10/1 for Development, Operations, and Security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products, instead of trying to do it all themselves like they did in days past. We must build security into each of “The Three Ways”; automating and/or improving efficiency of all security activities to ensure we don’t slow down developers, speeding up feedback loops for security related activities so that we fix the bugs faster and sooner, and providing continuous learning opportunities in relation to security, for both teams.

Security can no longer be a gate or stumbling block, and ‘adding security in’ can no longer be used as a justification for project delays. If developers are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps!


with Rich Mogull

Small teams are stuck at the ground level for cloud security and need to mature. Large teams keep making rookie mistakes when designing cloud architecture, managing apps and configuring systems.

Both need to know what they’re doing wrong and how to do it right.

This symposium will begin with a brief overview of the IANS/Securosis Cloud Security Maturity Model and then explore fresh guidance to improve SecOps and DevOps in the cloud. The agenda includes:

  • How to build an automation framework for SecOps in the cloud
  • How to build a library of design patterns that development teams can use to develop stronger code in the cloud
  • How to know when you’ve reached the point within cloud security where you don’t actually have to be involved because everything is being built into code and infrastructure

Audience

This regional in-person symposium has been updated to a virtual event and is intended for practitioners from the New York metro area. For people outside of the region who wish to join, attendance is subject to capacity. We will inform out-of-metro registrants on the status of their registration one week in advance of the symposium.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

Register Now

* Required Fields

2020 New York Virtual Super Symposium Facilitators

rich-mogull

Rich Mogull

IANS Faculty

Rich Mogull has 20 years of experience in information security, physical security and risk management. He specializes in cloud security, application security, security automation, security management and data security. Prior to founding Securosis, Rich was a Research VP at Gartner on the security team where he also served as Research Co-Chair for the Gartner Security Summit. Rich has worked as an Independent Consultant, Web Application Developer, Software Development Manager at the University of Colorado, and Systems and Network Administrator. Rich is the Security Editor of TidBITS, a monthly columnist for Dark Reading. He is a frequent industry speaker at events including the RSA Security Conference and DEFCON, and has spoken on every continent except Antarctica. A University of Colorado graduate with a degree in history, Rich's interests outside of information security include martial arts and triathlons.

Tanya Janca

IANS Faculty
Tanya Janca is independent security consultant specializing in software and cloud security. Her obsession with securing software runs deep, from starting her company, to running her own OWASP chapter for 4 years and founding the OWASP DevSlop open-source and education project. With her countless blog articles, workshops and talks, her focus is clear. Tanya is also an advocate for diversity and inclusion, co-founding the international women’s organization WoSEC, starting the online #MentoringMonday initiative, and personally mentoring, advocating for and enabling countless other women in her field. As a professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science’ of computer science.

Web Conference

Registrants will receive a logistics email with web conference meeting information one day prior to the event.

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact

ians@iansresearch.com

Check out IANS other upcoming events