Hi [[ session.user.profile.firstName ]]

6 Reasons Why Dev Should Own Security

Open source, containers and microservices, and a myriad of DevOps tools reduce the time and friction to deploy code. Oftentimes, security becomes a limiting factor in bringing new innovations to market.

To build secure applications without slowing development cycles requires a new approach to security: Shift-Left Security. This means moving security to left in the development process and into the purview of developers by integrating it into existing workflows.

Join us for this to learn:
- 6 reasons development should own security
- Best practices to employing Shift-Left security
- How to deploy secure apps at DevOps speed
Recorded Aug 18 2017 21 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Geva Solomonovich, Snyk and John Morello, Twistlock
Presentation preview: 6 Reasons Why Dev Should Own Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Host Security and Cloud Workload Protection for the Modern Enterprise Recorded: Jun 19 2019 32 mins
    Paul Fox, Solutions Architect and Keith Mokris, Product Marketing Lead
    While the cloud native continuum evolves to include CaaS, PaaS, and serverless architectures, VMs continue to be a vital part of the modern software stack. Whether you are running your workloads on a single platform or have embraced a hybrid cloud approach, integrating host security alongside visibility and protection for containers and serverless provides incredible benefits.

    Protecting standalone VMs, especially for teams managing their hosts like cattle rather than pets, requires a modern security approach; integrating vulnerability management and compliance across the application lifecycle while combining powerful runtime protection and microsegmentation capabilities.

    In this webinar, we will cover:

    •How VMs fit into the cloud native continuum
    •Security requirements for vulnerability management and compliance across the workload lifecycle
    •Runtime protection demo, covering application control, file integrity monitoring, host forensics, and network micro-segmentation
  • Cloud Native Compliance: CIS Certified Benchmarks Recorded: Jun 6 2019 53 mins
    Keith Mokris, Product Marketing Lead, Twistlock and Adam Montville, Chief Product Architect, CIS
    Increasingly, organizations are looking to containers and microservices to provide the agility and scalability needed to satisfy their customers. While doing so, modern enterprises also need the ability to demonstrate and maintain compliance and be aware of common violations and costs associated with compliance issues.

    The number one business issue CISOs face, at a macro level, is managing an organization's cyber risk. You can state this in a bunch of different ways, but everything the CISO does is to manage risk to information in a digital context.CIS plays a vital role in providing organizations with clear, specific, and measurable compliance requirements for the cloud, native stack and Twistlock provides world-class cloud native cybersecurity.

    Watch this webinar to learn:
    •How Twistlock checks its customers’ cloud native applications and infrastructure against the consensus-based best practice standards contained in Kubernetes, Docker, Linux, and AWS benchmarks
    •Why organizations that leverage Twistlock can ensure that the configurations of their critical assets align with the CIS Benchmarks consensus-based practice standards
    • Twistlock's CIS Security Software Certificatied Benchmarks
  • Operationalising DevSecOps: 7 Best Practices for Cloud Native Applications Recorded: Jun 5 2019 37 mins
    Ashley Ward, Principal Solution Architect, Twistlock
    Modern enterprises are implementing both the tools and the cultural changes required to embrace a DevSecOps mindset and approach.

    This webinar will highlight:

    •Risks you can avoid by embracing DevSecOps
    •DevSecOps as it relates to your container development pipeline
    •How to integrate and automate key steps of the process

    Join Twistlock Principal Solution Architect Ashley Ward for this live webinar presentation.
  • Full Lifecycle Security with OpenShift + Twistlock Recorded: May 15 2019 51 mins
    Jason Dobies, RedHat Principal Technical Marketing Manager and James Jones, Twistlock Principal Solution Architect
    Enterprises across government, healthcare, financial services, and the intelligence community that use Red Hat OpenShift to build, deploy, and manage their containers also use Twistlock to provide complete security protection for their environments. Twistlock open source contributions are already part of OpenShift, and since Twistlock runs as a native OpenShift app, it’s easy to deploy. As a Red Hat OpenShift Primed partner and Kubernetes Technology Partner, you can trust Twistlock to provide reliable, well-integrated defense for OpenShift.

    Join Twistlock Director of Product Marketing and Evangelism Sonya Koptyev for this live webinar featuring RedHat Principal Technical Marketing Manager Jason Dobies and Twistlock Principal Solution Architect James Jones to learn more about:

    •Vulnerability Prevention from Development to Runtime
    •OpenShift Security During Runtime
    •Enterprise Compliance
    •Risk Prioritization Tailored to Your Environment
    •Advanced Threat Intelligence
  • Cloud Native: Infrastructure Trends, Security Challenges, and Best Practices Recorded: Apr 4 2019 59 mins
    451 Research Senior Analyst Fernando Montenegro and Twistlock CTO John Morello
    Today, infrastructure teams have more options than ever before for running cloud workloads to enable developers to build and deploy modern applications faster than ever before. The rise in container adoption, and adjacent cloud native technologies like Kubernetes, serverless, and on-demand container platforms such as AWS Fargate and Microsoft ACI, presents new security challenges.

    Cloud native computing truly encompasses a continuum, spanning VMs, containers, serverless, and other emerging technologies. In this webinar, we hope to shine a light on ways security can protect the full cloud native continuum -- with speed to enable devops while providing security depth and control required by today’s enterprises.

    Join featured speaker 451 Research Senior Analyst Fernando Montenegro and Twistlock CTO John Morello in this webinar to learn:

    •Trends in modern infrastructure adoption and how this impacts the enterprise
    •Challenges for IT teams and security leaders when protecting cloud native applications and workloads at scale
    •Use cases and advice for implementing security best practices

    Register for this webinar to learn more.
  • Securing the Istio Service Mesh: Twistlock Compliance Checks Recorded: Mar 27 2019 41 mins
    Neil Carpenter, Principal Solution Architect and Sonya Koptyev, Director of Product Marketing and Evangelism
    Service meshes are one of the newest innovations in the world of microservices and cloud-native computing. They’re a critical tool for making microservices applications feasible to implement and manage.

    At the same time, however, service meshes — like all components of the software stack — must be properly secured. Without sufficient security oversight, service meshes run the risk of becoming a vector for attack into software infrastructure, as well as a compliance liability.

    Register now to learn more about:

    •How service meshes work and which security considerations apply to them
    •Why Twistlock identified Istio compliance checks as an important gap to address for the cloud native community
    •The official Twistlock compliance checks for Istio, including proper configurations, risk severity, major threats, and countermeasures
  • Understanding Risks and How to Secure Serverless Applications Recorded: Mar 13 2019 26 mins
    Keith Mokris, Product Marketing Lead and Kevin Lewis, Solutions Architect
    According to The New Stack, over 75 percent of organizations are already using or planning to use serverless in the next 18 months.* From AWS Lambda to Google Cloud Functions to Microsoft Azure Functions and KNative, enterprises have more cloud provider options than ever before when integrating serverless into their application portfolio.

    In this webinar learn:

    •What security concerns there are for serverless applications
    •Why serverless adoption is growing
    •How to implement best practices for maximizing serverless security
  • The Continuum of Cloud Native Topologies Recorded: Feb 20 2019 35 mins
    James Jones, Principal Solution Architect and Keith Mokris, Product Marketing Lead
    In this webinar, learn a helpful model of viewing the different cloud-native technologies as a continuum, to address different scenarios and efficiently choose which combination of technologies work best for running different workloads.

    The continuum starts with bare metal and VMs on the left, continues into “light” hypervisors (like Canonical’s LXD), and extends into containers and services like AWS Fargate and then, ultimately, serverless. Technologies to the left provide the most isolation and control with the tradeoff of greater management and performance overhead. Those to the right facilitate more agile development and app density with the tradeoff of less control.
  • Proactive Security: Revamp Your Security Strategy with Containers Recorded: Nov 20 2018 27 mins
    Sonya Koptyev, Director of Evangelism and Keith Mokris, Product Marketing Lead
    If you ask DevOps engineers about the benefits of containers and microservices, their responses will center on the agility, modularity, and scalability that microservices-based architectures provide.
    Security is a crucial and often overlooked advantage of migrating to containers and microservices.

    Containers allow enterprise to secure applications and environments at a more granular and nuanced level. They also empower enterprises to identify and resolve potential security threats before they disrupt workflows, rather than having to adopt a defensive stance oriented around addressing attacks once they are fully underway.

    Watch this webinar to learn:

    •Challenges with traditional security strategies

    •What a proactive approach to security for a microservices-based environment looks like

    •How your organization can adopt a proactive security stance when it makes the migration to containers.
  • Operationalizing Container Security: How to Standardize Container Security Recorded: Oct 24 2018 50 mins
    Michael Withrow, Principal Solution Engineer,Twistlock
    Are you are a Security Expert, DevOps resource, or Dev at a large Enterprise? Do you want to migrate your applications to containers and take them to production? Learn how to avoid some of hurdles that you will you have to overcome in your enterprise.

    Modern enterprises have fully embraced the practicality of containers in their application development, but some are still lagging when it comes to operationalizing security in their container environments.

    This webinar will highlight:

    •How to implement controls to reduce risk, from build all the way to runtime
    •How to integrate and automate key steps of the process
    •Anecdotal examples of Twistlock customers challenges/successes from the front lines of container security operationalizing efforts

    Join Twistlock Solution Architect Michael Withrow for a presentation and platform demonstration.
  • Securing AWS Fargate from Build to Runtime Recorded: Sep 20 2018 24 mins
    Kevin Lewis, Principal Solution Architect, Twistlock
    Since the announcement of AWS Fargate at AWS re:Invent 2018, enterprises have been working with their development and devops teams to explore how this new technology aligns with their application modernization strategy. With this new CaaS platform comes new operational concerns and security threats.

    Join Principal Solution Architect Kevin Lewis to learn more about:
    • How enterprises are beginning to leverage AWS Fargate
    • Potential risk and security concerns from this emerging paradigm
    • Different security approaches and how Twistlock looks to provide runtime protection for applications using Fargate
  • Incident Response and Forensics in a Cloud Native World Recorded: Aug 22 2018 37 mins
    Neil Carpenter, Principal Solution Architect, Twistlock & Keith Mokris, Product Marketing Lead, Twistlock
    With the rapid increase in containers and cloud native applications at the enterprise, security teams and incident responders are continually tasked with new requirements and challenges for detecting and investigating security incidents.

    In this webinar, Neil Carpenter from Twistlock will discuss what a transition to containers means for incident response teams and how Twistlock can help to ease the pain.

    Register for this webinar to learn:
    • Approaches to gathering incident data from Cloud Native applications
    • Examples of incidents and investigations
    • Details on Twistlock's brand-new Cloud Native Forensics Platform
  • Operationalizing DevSecOps: 7 Best Practices for Cloud Native Applications Recorded: Jul 18 2018 30 mins
    Keith Mokris, Product Marketing Lead, Twistlock
    Modern enterprises are implementing both the tools and the cultural changes required to embrace a DevSecOps mindset and approach.

    This webinar will highlight:

    •Risks you can avoid by embracing DevSecOps
    •DevSecOps as it relates to your container development pipeline
    •How to integrate and automate key steps of the process

    Join Twistlock Product Marketing Manager Keith Mokris for a presentation and platform demonstration.
  • Why Cloud Native Requires a New Approach to Firewalls Recorded: Jun 20 2018 40 mins
    Paul Fox, Principal Solution Architect, Twistlock
    As more organizations deploy containers across the enterprise, network security needs to become more automated and less dependent on static configurations. However, organizations’ network security practices have often not kept pace with the evolution of cloud native technology, and expertise on network security for containers and microservices is lacking.

    Companies often rely primarily on static perimeter based defenses and manually defined VLANs which don’t work well in a cloud native environments because there is no reliable perimeter.

    In this session, Paul Fox, Principal Solution Architect at Twistlock, will:
    • Explain why cloud native environments require a new approach for firewalls
    • Share specific tactics IT and security teams can implement to ensure security across the stack
    • Conduct a live demonstration of Windows to linux container network traffic firewalling
  • How to Modernize Your IT Infrastructure & Secure Your Applications Recorded: Jun 14 2018 46 mins
    Lee Calcote, SolarWinds, Jim Bugwadia, Robert Starmer, Kumulus Technologies, and John Morello, Twistlock
    Join this live panel discussion with experts at DockerCon to learn how containers and microservices can help modernize your IT infrastructure and increase application security.

    Tune into this interactive Q&A session to hear from Docker, Infrastructure, Cloud and DevOps experts while they discuss the following:

    - The pros and cons to modernizing your monolithic applications
    - Trends and technologies in application security
    - The security risks associated with open source and cloud native applications
    - How containers and microservice architectures can increase security and modernize your IT infrastructure

    This live panel will be streamed directly from DockerCon 2018 in San Francisco! Join us live from the comfort of your desk.

    Moderated by: Lee Calcote, Head of Technology Strategy, SolarWinds
    Panelists: Jim Bugwadia, Founder, Nirmata, Robert Starmer, Cloud Advisor & Founding Partner, Kumulus Technologies and John Morello, CTO, Twistlock
  • Beyond Containers: Going Cloud Native with Serverless Architectures Recorded: Jun 14 2018 28 mins
    John Morello, CTO, Twistlock and Lee Calcote, Head of Technology Strategy, SolarWinds
    The journey to cloud native can be a winding road, and with more and more organizations starting on this journey, companies are being taken far beyond just simply containerizing applications.

    Join this live Q&A with John Morello, CTO of Twistlock as he discusses how server-less and container-as-a-service platforms like AWS Fargate are changing how organizations deploy applications - and what this means for security.
  • Securing Containers w/ NIST SP 800-190 Recorded: Mar 7 2018 52 mins
    John Morello, Twistlock CTO & Murugiah Souppaya, Computer Scientist at NIST
    In late 2017, The National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-190, the Container Security Guide, a set of guidelines for securing container applications and infrastructure.

    This panel webinar, hosted by NIST SP 800-190 co-authors, John Morello (CTO, Twistlock), and Murugiah Souppaya (Computer Scientist, NIST) will cover:

    • Why NIST SP 800-190 was created, the open process used to develop it, and how all organizations can benefit from it
    • Some of the specific container risks identified in the SP
    • Top recommended countermeasures for each risk
    Implementation guidance and best practices

    In addition, the session will highlight how organizations can leverage functionality provided by container-focused orchestration and security platforms to automate compliance across the development lifecycle - reducing overall attack surface and delivering comprehensive threat protection.
  • Trends in Container and Cloud Native Cybersecurity Recorded: Jan 23 2018 34 mins
    Josh Thorngren, VP of Marketing at Twistlock
    As software eats the world, cloud native tools and methodologies — like containers and devops— are continuously evolving. Organizations that can identify the major trends in this ever-changing landscape and then successfully secure a new cloud native environment will have an advantage in the market.

    Join Twistlock's VP of Marketing, Josh Thorngren, as he shares the macro trends he’s seeing in the cloud native security space and the extended cloud native ecosystem in 2018.

    Specifically, we’ll cover:
    * Rethinking your organization’s approach to defend against the proliferation of easy-to-use, easy-to acquire hacks, exploits and malware
    * How to shift security left by developing an entirely new paradigm and set of principles for software delivery and protection
    * How to modernize legacy workloads with containers
  • Automating Security with Kubernetes Recorded: Oct 4 2017 25 mins
    Kevin Lewis, Solution Architect
    Kubernetes is a leading orchestration tool used by teams large and small to deploy containerized applications. It is also at an ideal point to automate rules that prevent high-risk vulnerabilities and compliance violations don’t enter production environments, and deploy runtime defenses that protect your applications.

    Join Twistlock Solution Architect Kevin Lewis to see how Twistlock integrates directly into Kubernetes to improve your risk and compliance posture without slowing down development.
  • Managing Compliance in Container Environments Recorded: Sep 14 2017 32 mins
    Patrick Maddox, Sr. Director of SA, Twistlock and Adam Greenfield, Sr. Director of Enterprise Architecture, ClearDATA
    Customers and employees demand easier ways to interact with your organization. At the same time, regulatory requirements like HIPAA and PCI combined with huge amounts of sensitive data raise the stakes around building secure and compliant applications.

    Increasingly, organizations are looking to containers and microservices to provide the agility and scalability needed to satisfy their customers. But there are other crucial and oft-overlooked advantages of migrating to containers and microservices: Compliance and Security. Containers offer a number of opportunities for building and deploying more secure applications and environments.

    We’ll look at how containers enable automated security and compliance checks throughout the entire development lifecycle, from the first line of code through to runtime.

    Attendees will learn:
    •How to enforce compliance across the entire software delivery lifecycle
    •Best practices for securing container environments
    •Strategies and tips to scale application security and compliance
Cloud native cybersecurity for the modern enterprise
Twistlock is the leading provider of container and cloud native cybersecurity solutions for the modern enterprise. From precise, actionable vulnerability management to automatically deployed runtime protection and firewalls, Twistlock protects applications across the development lifecycle and into production. Purpose built for containers, serverless, and other leading technologies - Twistlock gives developers the speed they want, and CISOs the control they need.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 6 Reasons Why Dev Should Own Security
  • Live at: Aug 18 2017 5:00 pm
  • Presented by: Geva Solomonovich, Snyk and John Morello, Twistlock
  • From:
Your email has been sent.
or close