Balancing Speed & Security in a DevOps World

Presented by

Stephen Elliott, Product Manager Google Container Registry and Dave Meurer, Director Technical Alliances

About this talk

DevOps teams are using cloud platforms and containers to build, deploy, and manage applications faster than ever, and utilizing large amounts of open-source software to increase agility. Google Cloud platform makes building and shipping containers even easier with Google Container Builder, Google Container Engine (GKE), and Google Container Registry (GCR). But when you deploy a container or cloud-native application, it’s hard to know exactly what contents are inside, and that can make managing security painful. Secure DevOps means having full visibility and control of your software supply chain to implement security and governance policies. How do you protect your DevOps without slowing down? Join experts from Google and Black Duck to discuss how to secure the software supply chain including: - Understanding the modern attack landscape - How to select safe and healthy open source software in development - How you can automate open source control and visibility in containers with Black Duck and both Google Container Builder and GCR - The Grafeas and Kritis projects, and the work Google and Black Duck are doing to enhance security visibility and provide policy enforcement for containers.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (75)
Subscribers (6597)
We go beyond traditional application testing to empower you to build security into your software at every stage of your development process. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.