The need to detect data security blind spots is becoming more important every day. This includes sensitive data that was not found in the data discovery process, as well as failures of our deployed critical security control systems. Without formal and automated processes to detect and alert to new data discovery findings and critical security control failures as soon as possible, the window of time grows, allowing attackers to identify a way to compromise the systems and steal sensitive data. This can also impact our real compliance posture and compliance to PCI DSS 3.2.
Revisions to PCI DSS point toward the realization that security must be built into the development process. This is frequently referred to as Rugged DevOps or SecDevOps, and is embracing the speed of DevOps and continuous delivery in a secure environment. DevOps does affect security, and you can use it to your advantage. As cloud, big data and DevOps disrupt traditional approaches to security, new capabilities emerge to automate and enhance security operations.
Join this session and learn how to automatically report on these data security blind spots and how security can be built into the development process and platforms. Ulf Mattsson, CTO of Compliance Engineering will discuss how security can be built into Rugged DevOps,SecDevOps, DevSecOps, Scrum, SAFe, DAD and use in Large-scale Development.