Getting to Secure DevOps

Logo
Presented by

Gavin Matthews, Senior Technical Product Manager, Red Canary

About this talk

DevOps established infrastructure that is fast, and easy to deploy and maintain. And it is increasingly complex. Further, many DevOps programs face a high risk of threats as security has not been successfully integrated into the infrastructure and workflows. Achieving a secure infrastructure as code state would reduce the risk of threats, improve visibility and reduce alert fatigue for security operations teams. There are some basic investments that security teams can make in collaboration with DevOps to improve security without compromising the speed and ease of infrastructure-as-code deployments. These include: 1) Security awareness and training, 2) Setting standards through code, 3) Automating as much as possible, 4) Reimaging and redeploying frequently, 5) Taking runtime threats seriously. A combination of security tools and services - including open source tools - can help organizations take these steps to reduce their risk and work towards secure infrastructure as code.

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (884)
Subscribers (55228)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa