2020 New York Virtual Super Symposium
DevSecOps & Advancing Cloud Security

#IANSNY #IANSEvents

Wednesday, June 24, 2020 | 10:00 AM - 12:30 PM
Web Conference, New York, NY

Select a track to see more information:


with Tanya Janca

This talk will argue that DevOps could be the best thing to happen to application security since OWASP -- if developers and operations teams are enabled to make security a part of their everyday work.

With a ratio of 100/10/1 for Development, Operations, and Security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products, instead of trying to do it all themselves like they did in days past. We must build security into each of “The Three Ways”; automating and/or improving efficiency of all security activities to ensure we don’t slow down developers, speeding up feedback loops for security related activities so that we fix the bugs faster and sooner, and providing continuous learning opportunities in relation to security, for both teams.

Security can no longer be a gate or stumbling block, and ‘adding security in’ can no longer be used as a justification for project delays. If developers are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps!


with Rich Mogull

Small teams are stuck at the ground level for cloud security and need to mature. Large teams keep making rookie mistakes when designing cloud architecture, managing apps and configuring systems.

Both need to know what they’re doing wrong and how to do it right.

This symposium will begin with a brief overview of the IANS/Securosis Cloud Security Maturity Model and then explore fresh guidance to improve SecOps and DevOps in the cloud. The agenda includes:

  • How to build an automation framework for SecOps in the cloud
  • How to build a library of design patterns that development teams can use to develop stronger code in the cloud
  • How to know when you’ve reached the point within cloud security where you don’t actually have to be involved because everything is being built into code and infrastructure

Audience

This regional in-person symposium has been updated to a virtual event and is intended for practitioners from the New York metro area. For people outside of the region who wish to join, attendance is subject to capacity. We will inform out-of-metro registrants on the status of their registration one week in advance of the symposium.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

This event has ended.

Check out our other upcoming events!

View All Events
*Receive 1 CPE credit for every hour of attendance at our events.

2020 New York Virtual Super Symposium Facilitators

rich-mogull

Rich Mogull

IANS Faculty

Rich Mogull has 20 years of experience in information security, physical security and risk management. He specializes in cloud security, application security, security automation, security management and data security. Prior to founding Securosis, Rich was a Research VP at Gartner on the security team where he also served as Research Co-Chair for the Gartner Security Summit. Rich has worked as an Independent Consultant, Web Application Developer, Software Development Manager at the University of Colorado, and Systems and Network Administrator. Rich is the Security Editor of TidBITS, a monthly columnist for Dark Reading. He is a frequent industry speaker at events including the RSA Security Conference and DEFCON, and has spoken on every continent except Antarctica. A University of Colorado graduate with a degree in history, Rich's interests outside of information security include martial arts and triathlons.

Tanya Janca

Tanya Janca

IANS Faculty

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats – startup founder, pentester, CISO, AppSec engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.

Web Conference

Registrants will receive a logistics email with web conference meeting information one day prior to the event.

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact

ians@iansresearch.com

Check out IANS other upcoming events