Hi [[ session.user.profile.firstName ]]

The Challenges of Scaling DevSecOps

Organizations enjoy the speed that DevOps brings to development and delivery. However, most security and compliance monitoring tools have not been able to keep up, becoming the most significant barrier to continuous delivery.
Now some good news: you can easily integrate security into your existing processes to solve this challenge.
In this session, Shiri Ivtsan, Senior Product Manager at WhiteSource, will discuss:
- Leveraging the DevSecOps approach to help speed up security
- Scaling security into your agile processes
- 5 easy ways to start driving DevSecOps in your organization
Recorded Oct 16 2019 24 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Shiri Ivtsan, Senior Product Manager
Presentation preview: The Challenges of Scaling DevSecOps

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Panel Discussion: Scaling DevSecOps Recorded: Jan 27 2020 56 mins
    Jeffrey Martin, Director of Product at WhiteSource
    The need to include security as part of the DevOps process is well-understood, and greater numbers of DevOps teams are shifting security left to ensure their applications are more secure. But how can an organization scale its DevSecOps efforts without introducing unnecessary friction in the software development life cycle? This webinar explores some of the pitfalls to avoid when looking to scale DevSecOps and offers tips to help organizations keep their DevSecOps efforts on track.
  • Tackling the Container Iceberg: How to Approach Open Source Security Recorded: Jan 21 2020 60 mins
    Jeffrey Martin (Director of Product) and Dan Garfield (Chief Technology Evangelist at Codefresh)
    Container images are based on many direct and indirect open source dependencies, which most developers are not aware of. What are the security implications of only seeing the tip of the iceberg? What are the challenges one faces when relying so heavily on open source? And how can teams overcome these?

    Join Codefresh and WhiteSource, as they embark on a journey to tackle:

    *The container iceberg - learn what are your blind spots
    *The main security challenges when using open source in containerized applications
    *The role of automation in open source security in containers
    *A live demo showing how WhiteSource & Codefresh can allow you to automate open source security in containers throughout the DevOps pipeline
  • Cloud Security – Keeping Serverless Data Safe Recorded: Jan 7 2020 59 mins
    Panel discussion featuring Shiri Ivtsan, Senior Product Manager
    The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This webinar discusses some of the more overlooked aspects of cloud security and offers up some best practices for ensuring data in the cloud is truly secure.
  • From Zero to Hero: Continuous Container Security in 4 Simple Steps Recorded: Dec 19 2019 57 mins
    Shiri Ivtsan, Product Manager at WhiteSource
    Containers are shaping the way organizations are developing and managing applications nowadays. However, many are not always fully aware of the measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security aspects. The mindset of securing our applications needs to be shifted – to continuous security. In this session, Shiri Ivstan, Product Manager at WhiteSource, will discuss:

    1) the main security challenges organizations face when using containers;

    2) the most common layers in a typical container deployment; and

    3) 4 simple steps to build security into each layer.
  • Transforming from DevOps to DevSecOps at Scale Recorded: Dec 17 2019 62 mins
    Larry Macherrone (DevSecOps Transformation Leader at Comcast)
    Many security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve.

    Similarly, security groups believe that policy enforcement is their biggest (only?) lever... "If we can just update the policies to be more consumable/relevant/context aware/etc and get developers to pay attention, then magic will happen." But, policy enforcement rarely moves the needle and it creates a tense relationship between development and security that can do more harm than good.

    This talk is a step-by-step framework for going from wherever you are now to getting on the path of DevSecOps cultural transformation. It addresses the mindset shift concerns for all relevant audiences. It addresses the mechanics of getting started and tracking progress. It's adaptable to any environment regardless of industry, technology, or maturity. Most importantly it's been proven in a highly diverse environment at Comcast.
  • Securing Container-Based Applications at the Speed of DevOps Recorded: Dec 12 2019 59 mins
    Carmen Puccio (Solutions Architect, AWS) & Shiri Ivtsan (Product Manager, WhiteSource)
    Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security and compliance aspect of your container images. With tools such as WhiteSource, developers are able to manage the security of their containers and container images with no impact on agility and speed.

    Join Shiri Ivtsan, Product Manager at WhiteSource and Carmen Puccio, Solutions Architect at AWS, as they discuss the following:

    - Effectively managing and deploying your container images
    - Gaining full visibility into your container images
    - Building and automating security into each layer of the container environment to ensure a continuous process throughout the SDLC
    - Demonstrating a live example using a vulnerable container image
  • Tackling the Container Iceberg: How to Approach Open Source Security Recorded: Dec 8 2019 61 mins
    Jeffrey Martin (Director of Product) and Dan Garfield (Chief Technology Evangelist at Codefresh)
    Container images are based on many direct and indirect open source dependencies, which most developers are not aware of. What are the security implications of only seeing the tip of the iceberg? What are the challenges one faces when relying so heavily on open source? And how can teams overcome these?

    Join Codefresh and WhiteSource, as they embark on a journey to tackle:

    *The container iceberg - learn what are your blind spots
    *The main security challenges when using open source in containerized applications
    *The role of automation in open source security in containers
    *A live demo showing how WhiteSource & Codefresh can allow you to automate open source security in containers throughout the DevOps pipeline
  • Empowering Financial Institutions to use Open Source with Confidence Recorded: Nov 28 2019 55 mins
    Jeff Crum, Senior Director, Product Marketing at WhiteSource and James McLeod Director of Community, FINOS
    The days when financial institutions relied solemnly on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges, especially when it comes to open source usage (both consumption and contribution).

    FINOS is a non-profit organization whose purpose is to accelerate collaboration and innovation in financial services through the adoption of open source software, standards and best practices. Together with WhiteSource, they are able to provide a safe environment for developers to use open source components freely and fearlessly.

    Join FINOS and WhiteSource as they discuss:

    The challenges of open source usage
    The state of open source vulnerabilities management
    How FINOS uses WhiteSource to ensure the security and IP compliance of FINOS-produced open source software
  • DevSecOps in the Cloud Is More Than Just CI/CD Recorded: Nov 28 2019 36 mins
    Henrik Johansson (Principal - Office of the CISO at AWS)
    DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal - Office of the CISO at AWS, as he discusses and shows:

    - how public cloud technology enables you to fully embrace security automation in your infrastructure
    - how to account security using managed security services to detect incidents and risks at scale; as well as
    - techniques like automated incident response actions and automated instance isolation.
  • Who Owns Application Security In The Age of DevOps? Recorded: Nov 28 2019 52 mins
    Jeffrey Martin and Rhys Arkins, the Directors of Product at WhiteSource
    Application security is a top priority today for companies that are developing software. However, it is also becoming more challenging and complex as release frequency continues to rise, more open source components are adopted, and the requirements for data security are getting stricter. Thanks to new DevOps practices and tools, development cycles are getting shorter, allowing organizations to meet market demands and deliver a superior customer experience, but is application security keeping up? How is it possible to develop at the speed of business, while also maintaining application security, particularly for open source components? Developers have a key role to play in balancing security with the need for rapid innovation.


    Join Jeffrey Martin and Rhys Arkins, the Directors of Product at WhiteSource, as they discuss:

    The latest insights leading AppSec and open source security to shift left into early stages
    Conclusions from our research that encompassed a survey of over 650 software developers worldwide
    Strategies and tools that can be used to develop both quickly and securely
  • Panel Discussion: Container Management: Configuration, Monitoring and More Recorded: Nov 28 2019 60 mins
    Shiri Ivtsan, Senior Product Manager
    The container space has evolved dramatically, growing into a thriving ecosystem that goes well beyond containers to include orchestration platforms, monitoring tools and more to enable end-to-end container management. In this ebook, we explore the expanding category of container management, including technology and market trends and the essentials an organization needs to manage its container environment effectively.
  • 360° Kubernetes Security: From Source Code to K8s Configuration Security Recorded: Nov 26 2019 51 mins
    Shiri Ivtsan, Senior Product Manager
    Kubernetes has become the default way for many organizations to scale and orchestrate their use of containers. However, organizations are starting to find themselves needing to take the necessary steps to protect their containers. Automating security checks throughout the development life cycle can help reduce risk and allow organizations to develop and deploy securely.

    Join Shiri Ivstan, Senior Product Manager at WhiteSource and Yaniv Peleg Tsabari, Senior Director of Product Management at Alcide, as they explore the world of security in Kubernetes and discuss:

    The security risks associated with open-source code and Kubernetes environments
    Supply Chain: Continuous Security throughout the CI/CD pipeline
    Security aspects throughout the development cycle, such as Image Scanning, Image Assurance, K8s Configuration hygiene and more.
    How to automate policies with respect to the above techniques throughout the CI/CD pipeline in order to facilitate more secure application deployments.
  • Panel Discussion: Scaling DevSecOps Recorded: Nov 21 2019 56 mins
    Jeffrey Martin, Director of Product at WhiteSource
    The need to include security as part of the DevOps process is well-understood, and greater numbers of DevOps teams are shifting security left to ensure their applications are more secure. But how can an organization scale its DevSecOps efforts without introducing unnecessary friction in the software development life cycle? This webinar explores some of the pitfalls to avoid when looking to scale DevSecOps and offers tips to help organizations keep their DevSecOps efforts on track.
  • Panel Discussion: Container Management: Configuration, Monitoring and More Recorded: Nov 21 2019 61 mins
    Shiri Ivtsan, Senior Product Manager
    The container space has evolved dramatically, growing into a thriving ecosystem that goes well beyond containers to include orchestration platforms, monitoring tools and more to enable end-to-end container management. In this ebook, we explore the expanding category of container management, including technology and market trends and the essentials an organization needs to manage its container environment effectively.
  • The Next Generation of Application Security Recorded: Nov 20 2019 59 mins
    Panel Discussion
    Application security is an effective tool for defending against attacks. But as IT infrastructures shift to “software-defined everything” and move to the cloud, traditional appsec models no longer are enough to protect the application.

    This webinar takes a look at how companies are addressing new models to address more dispersed and dynamically connected applications, from traditional web and mobile APIs to containers and microservices.
  • 10 Tips for Achieving Cultural Change in DevOps Recorded: Nov 12 2019 60 mins
    Jeffrey Martin
    DevOps success depends on three things: people, processes and tools. While tools and processes can be easy enough to address, the people part of the equation can be more difficult to tackle. Changing the culture of an organization can be akin to turning a cruise ship midstream. This webinar offers 10 tips to help employees let go of traditional ways of working and embrace DevOps.
  • Empowering Financial Institutions to use Open Source with Confidence Recorded: Nov 10 2019 56 mins
    Jeff Crum, Senior Director, Product Marketing at WhiteSource
    The days when financial institutions relied solemnly on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges, especially when it comes to open source usage (both consumption and contribution).

    FINOS is a non-profit organization whose purpose is to accelerate collaboration and innovation in financial services through the adoption of open source software, standards and best practices. Together with WhiteSource, they are able to provide a safe environment for developers to use open source components freely and fearlessly.

    Join FINOS and WhiteSource as they discuss:

    The challenges of open source usage
    The state of open source vulnerabilities management
    How FINOS uses WhiteSource to ensure the security and IP compliance of FINOS-produced open source software
  • The Challenges of Scaling DevSecOps Recorded: Nov 6 2019 23 mins
    Shiri Ivtsan, Senior Product Manager
    Organizations enjoy the speed that DevOps brings to development and delivery. However, most security and compliance monitoring tools have not been able to keep up, becoming the most significant barrier to continuous delivery.
    Now some good news: you can easily integrate security into your existing processes to solve this challenge.
    In this session, Shiri Ivtsan, Senior Product Manager at WhiteSource, will discuss:
    - Leveraging the DevSecOps approach to help speed up security
    - Scaling security into your agile processes
    - 5 easy ways to start driving DevSecOps in your organization
  • Taking Open Source Security to the Next Level Recorded: Oct 24 2019 55 mins
    Senior Director of Product Marketing, Jeff Crum
    Join us for a webinar featuring Forrester VP and Research Director Amy DeMartine to learn more about why open source security has become critical for securing modern applications, the main considerations when evaluating an open source security and license compliance solution and what she sees in store for the future.


    Additionally, WhiteSource Senior Director of Product Marketing, Jeff Crum, will discuss recent analysis of the Software Composition Analysis (SCA) market, including takeaways from The Forrester Wave™: Software Composition Analysis, Q2 2019.
  • Lessons Learned by an Agent of Chaos From DevOps Transformations Recorded: Oct 17 2019 28 mins
    Willy-Peter Schaub (Software Engineer, Director at AJATO Transformations Limited)
    Is your organization ready to embrace a DevOps mindset? Receive a pragmatic view from an agent of chaos, who’s promoting the goal for a single continuous integration and delivery pipeline, shifting testing, security, code reviews, and other opportunities to improve information sharing and quality to the left, shifting configuration to the right, and most importantly, aiming to delight users with constant value.

    Join Willy-Peter Schaub, Software Engineer & Director at AJATO Transformations Limited, as he shares:

    -The learnings and epiphanies gathered during DevOps transformations
    -How practices such as Shift Left, Shift Right and progressive mindset affects the union of people, process and products
An open source security and licenses management solution
WhiteSource allows engineering, security and compliance officers to effortlessly secure and manage the use of open source components in their software, allowing developers to focus on building great products. WhiteSource fully automates all open source management processes: component detection; security vulnerability alerts and fixes; license risk and compliance analysis along with policy enforcement; quality review, and new version alerts. It offers a complete suite of control, reporting and management to help software teams manage open source truly effortlessly. For more information about WhiteSource, visit http://www.whitesourcesoftware.com or follow us on twitter: @whitesourcesoft

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Challenges of Scaling DevSecOps
  • Live at: Oct 16 2019 5:45 pm
  • Presented by: Shiri Ivtsan, Senior Product Manager
  • From:
Your email has been sent.
or close