Wednesday, June 24, 2020 | 10:00 AM - 12:30 PM
Web Conference, New York, NY
Select a track to see more information:
with Tanya Janca
This talk will argue that DevOps could be the best thing to happen to application security since OWASP -- if developers and operations teams are enabled to make security a part of their everyday work.
With a ratio of 100/10/1 for Development, Operations, and Security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products, instead of trying to do it all themselves like they did in days past. We must build security into each of “The Three Ways”; automating and/or improving efficiency of all security activities to ensure we don’t slow down developers, speeding up feedback loops for security related activities so that we fix the bugs faster and sooner, and providing continuous learning opportunities in relation to security, for both teams.
Security can no longer be a gate or stumbling block, and ‘adding security in’ can no longer be used as a justification for project delays. If developers are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps!
with Rich Mogull
Small teams are stuck at the ground level for cloud security and need to mature. Large teams keep making rookie mistakes when designing cloud architecture, managing apps and configuring systems.
Both need to know what they’re doing wrong and how to do it right.
This symposium will begin with a brief overview of the IANS/Securosis Cloud Security Maturity Model and then explore fresh guidance to improve SecOps and DevOps in the cloud. The agenda includes:
This regional in-person symposium has been updated to a virtual event and is intended for practitioners from the New York metro area. For people outside of the region who wish to join, attendance is subject to capacity. We will inform out-of-metro registrants on the status of their registration one week in advance of the symposium.
This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.
Check out our other upcoming events!View All Events
Rich Mogull has 20 years of experience in information security, physical security and risk management. He specializes in cloud security, application security, security automation, security management and data security. Prior to founding Securosis, Rich was a Research VP at Gartner on the security team where he also served as Research Co-Chair for the Gartner Security Summit. Rich has worked as an Independent Consultant, Web Application Developer, Software Development Manager at the University of Colorado, and Systems and Network Administrator. Rich is the Security Editor of TidBITS, a monthly columnist for Dark Reading. He is a frequent industry speaker at events including the RSA Security Conference and DEFCON, and has spoken on every continent except Antarctica. A University of Colorado graduate with a degree in history, Rich's interests outside of information security include martial arts and triathlons.
Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats – startup founder, pentester, CISO, AppSec engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.
Registrants will receive a logistics email with web conference meeting information one day prior to the event.
2022 Infosec Trends WebinarLearn More
Minneapolis RoundtableLearn More
Columbus RoundtableLearn More