Hi [[ session.user.profile.firstName ]]

DevSecOps: What to focus on first? Harnessing Best Practices & Avoiding Pitfalls

The evolution of technology presents innovation and challenges, in both public and private sectors. Legacy systems, workforce transformation, technical debt, security updates, infrastructure demands have all become common vernacular. Deciding what to prioritize and how to manage the changes can define the success of technology transformation and set the stage for future improvements. This webinar, featuring Emily Fox, NSA; Loris Degioanni, Sysdig; and Michael Ducy, Red Hat, seeks to identify technology best practices and DevSecOps collaboration. Join us July 7!

Emily Fox, DevOps Security Lead, National Security Agency @TheMoxieFox
Loris Degioanni, Chief Technology Officer and Founder, Sysdig @LorisDegio
Michael Ducy, Cloud Native Transformation Lead, Red Hat @MFDii
Recorded Jul 7 2020 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Loris Degioanni, Chief Technology Officer and Founder, Sysdig
Presentation preview: DevSecOps: What to focus on first? Harnessing Best Practices & Avoiding Pitfalls

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • DevSecOps: What to focus on first? Harnessing Best Practices & Avoiding Pitfalls Recorded: Jul 7 2020 59 mins
    Loris Degioanni, Chief Technology Officer and Founder, Sysdig
    The evolution of technology presents innovation and challenges, in both public and private sectors. Legacy systems, workforce transformation, technical debt, security updates, infrastructure demands have all become common vernacular. Deciding what to prioritize and how to manage the changes can define the success of technology transformation and set the stage for future improvements. This webinar, featuring Emily Fox, NSA; Loris Degioanni, Sysdig; and Michael Ducy, Red Hat, seeks to identify technology best practices and DevSecOps collaboration. Join us July 7!

    Emily Fox, DevOps Security Lead, National Security Agency @TheMoxieFox
    Loris Degioanni, Chief Technology Officer and Founder, Sysdig @LorisDegio
    Michael Ducy, Cloud Native Transformation Lead, Red Hat @MFDii
  • Cloud Native Monitoring: Scaling Prometheus Recorded: Jun 30 2020 50 mins
    Aaron Newcomb, Director, Product Marketing, Monitoring & Carlos Arilla Navarro, Technical Marketing Engineer
    Challenges abound when it comes to securing and monitoring containers, Kubernetes, and cloud-native applications across development and production. Most notably, scaling Prometheus monitoring beyond a few servers and applications presents issues when trying to troubleshoot problems that span multiple applications and clusters. We'll share our experience using Prometheus at scale, providing different solutions and highlighting the challenges to solve in each step.
  • Exploring Kubernetes 1.18 with Alex Ellis Recorded: Jun 25 2020 57 mins
    Alex Ellis, CNCF Ambassador, founder of OpenFaaS and Inlets
    With the release of Kubernetes 1.18, we saw 40 features and updates added. In a recent blog post we collated these together in one place so that you can learn what may affect your clusters and prepare for change. Now, we go one step further, inviting Alex Ellis, CNCF Ambassador and Open Source project founder to share his take on the changes.

    We saw Alex’s in-depth article on the recent deprecations around “kubectl run” and asked him to pick four of his highlights to share with examples. Join this webinar as Alex covers the following areas and what you should do next:
    - What’s the debug command do?
    - How is Ingress changing?
    - Why keep secrets as immutable?
    - What’s going on with “kubectl run”?
  • Kubernetes Master Class: Detecting anomalous activity in Rancher with Falco Recorded: May 26 2020 70 mins
    Pawan Shankar, Director, Secure Product Marketing, Sysdig & Vicente Garcia, Technical Marketing Engineer, Sysdig
    Securing Kubernetes requires putting controls in place to detect unexpected behavior that could be malicious. Examples include:

    - Exploits of unpatched and new vulnerabilities
    - Insecure configurations
    - Leaked or weak credentials
    - Insider threats

    Even when processes are in place for vulnerability scanning and implementing pod security and network policies, not every risk will be addressed. You still need mechanisms to confirm these security barriers are effective and provide a last line of defense when they fail. In order to keep up with threats at runtime, an open-source based approach can help you stay up to date.In this webinar, you will learn how to manage security risk at runtime in your RKE environments using Falco, a CNCF project for runtime security. Falco efficiently leverages Extended Berkeley Packet Filter (eBPF), a secure mechanism, to capture system calls and gain deep visibility. By adding Kubernetes application context and Kubernetes API audit events, teams can understand exactly who did what. We will also cover how Sysdig Secure extends the Falco detection engine and eases the burden of creating and updating Falco rules. It can also generate fewer false positives by tuning Falco-based policies for your own environment.
  • Prevention in Kubernetes: Getting Started with Pod Security Policies Recorded: May 19 2020 62 mins
    Pawan Shankar, Director Product Marketing, Sysdig and Alvaro Iradier, Technical Marketing Engineer, Sysdig
    Kubernetes Pod Security Policies (PSPs) is an enforcement mechanism to ensure that Pods run only with the appropriate privileges and can solely access the appropriate resources. You can leverage them as a threat prevention mechanism by controlling Pod creation, and limiting the capabilities available to specific users, groups, or applications.

    Join this Kubernetes Security Master Class to learn:
    - How to get started with Pod Security Policies (PSPs) and how they implement robust security for your Kubernetes clusters
    - Key challenges of using PSPs today
    - Best practices for using PSPs in production
    - How Sysdig Secure can help you adopt PSPs in your environment
  • DevOps Security, Monitoring and Compliance with OpenShift and Sysdig Recorded: May 15 2020 24 mins
    Eric Carter, Director of Product Marketing, Sysdig and Dave Meurer, Principal Solution Architect, Security Partners, Red Hat
    Ensuring application security and compliance is one of the biggest challenges for any organization deploying applications in production. You need to detect and block vulnerabilities, quickly respond to incidents, and meet compliance standards and policies.

    With the Sysdig Secure DevOps Platform, you can embed security, maximize availability, and validate compliance—transforming your DevOps workflow into a secure DevOps workflow.

    In this session, you’ll hear about the Falco open source project, use cases for security in Red Hat OpenShift, and see a real-world demo for securing your OpenShift environment without disrupting application deployments.

    Join us to see how to:
    - Integrate vulnerability management across your CI/CD pipeline
    - Manage regulatory compliance, audit, and risk
    - Define security policies for detecting and blocking threats in real time
    - Maintain visibility into containerized apps for reliable performance and operations
  • Moving Applications to the Cloud? How Top Financials Reduced their Security Risk Recorded: May 14 2020 43 mins
    Alfredo Quiroga - FSI Cloud Native App-Dev Specialist, Red Hat & Dan Papandrea, Field CTO, Sysdig
    Financial institutions are being attacked at an alarming rate. In July 2019, Accenture reported that the average annual cost of cybercrime for a financial service company reached $18.5 million. And that includes only the cost of the incident -- not remediation. In order to gain agility benefits of the cloud DevOps teams need to manage risk, mitigate breaches, and gain visibility, without slowing down the CI/CD pipeline. What solutions help deliver for both DevOps and security professionals?

    Join us as we share real-world experiences from financial services firms that are grappling with the complicated tasks of securing containers and Kubernetes. We’ll address why understanding application behavior and capturing detailed health, risk, and performance data is so critical. We’ll also demonstrate how Red Hat OpenShift and the Sysdig Secure DevOps Platform deliver unique capabilities so you can focus on supporting your customers during this critical time, including:
    - Cloud-Native Host infrastructure security and observability
    - Comprehensive vulnerability scanning
    - Pod security context and pod security policy
    - Compliance for organization-specific standards, as well as regulatory standards like PCI
    - Runtime defense to block attacks and implement zero-day threat protection
    - Container forensics and incident response based on deep system call visibility
  • Top 5 Cloud Native Pipeline Security Considerations Recorded: May 12 2020 44 mins
    Steven Terrana, Senior Lead Technologist, Booz Allen Hamilton and Dan Papandrea, Field CTO, Sysdig
    In this webinar, we’ll take a deep dive into Booz Allen Hamilton’s award-winning ways of securing modern software development. Specifically, we’ll share strong learnings and best practices to confidently protect your pipeline at each stage.

    Join us to learn more about these top five (5) cloud-native security considerations:
    - Turnkey security for your pipelines
    - Container/host configuration management policies
    - Protection against runtime threats
    - Automating rule changes
    - Post-mortem and prevention
  • PCI Compliance in Containers & Kubernetes Recorded: May 7 2020 48 mins
    Pawan Shankar, Director Product Marketing
    Many of your applications are now starting to run on containers in the cloud. This means compliance and managing risk are top priorities. Your security teams understand PCI guidelines, but the challenge is a clear mapping of those PCI controls to container/Kubernetes environments. Ultimately, you need to ensure compliance is not blocking your code from going into production.

    After this webinar, you will understand how other organizations are validating PCI container compliance for their cloud applications. Join us to learn:
    - Changes to PCI compliance processes for containers and Kubernetes
    - How to validate PCI compliance in the CI/CD pipeline and at runtime
    - 12 step PCI Checklist for DevOps teams to save time implementing security guidelines
  • Automating Security for DevOps Workflows Recorded: May 5 2020 47 mins
    Pawan Shankar, Director Product Marketing
    Your developers need to be productive as you ramp containers and Kubernetes in production — without security being a blocker. With several software updates a day in a cloud-native environment, legacy tools can’t keep up. Running reliable and secure containers requires that security and DevOps work better together.

    We’ve got some great tips to share about automating and integrating security and compliance into the DevOps workflow, so your cloud applications ship faster.
  • K8s Limits and Requests: Monitoring and Troubleshooting by example Recorded: Apr 29 2020 20 mins
    Victor Jimenez Cerrada, Technical Marketing Manager, Sysdig
    Are your Kubernetes applications not performing well enough? Is your infrastructure oversized? Kubernetes limits and requests dictate the resources available to your applications, so when they aren’t set correctly your cluster suffers from CPU throttling and Out Of Memory Kills. Oversizing your infrastructure is an easy, but expensive, solution — there must be a better way.

    Prometheus metrics give you insight on your Kubernetes limits and requests, helping detect and troubleshoot common issues. Learn how to maximize the availability and performance of your Kubernetes infrastructure with proven examples.
  • Scaling Prometheus Monitoring, the No-Hacks Way Recorded: Apr 28 2020 42 mins
    Jason McGee, IBM Fellow, VP & CTO IBM Cloud Platform, Payal Chakravarty, VP Product Management & Janet Matsuda, CMO Sysdig
    Getting visibility into containers and Kubernetes is hard. The environment is dynamic, as most containers live less than five minutes. Developers are adopting Prometheus as an open standard for monitoring, but scaling is challenging.

    Join us for a real-world perspective on monitoring cloud application health and performance. Plus, be the first to hear about new ways to scale Prometheus monitoring and see a demo.

    You’ll hear:
    - Best practices and new capabilities for monitoring cloud applications at scale
    - Straight talk based on experience scaling Prometheus-compatible monitoring
    - Ways DevOps pros are monitoring performance, capacity and security
    - Tips for efficient troubleshooting in containerized applications
  • Owning Secure DevOps for Google’s Anthos & GKE Recorded: Apr 23 2020 51 mins
    Eric Carter, Director, Partner Product Marketing, Sysdig and Evgeniya Shumakher, Partner Engineering Lead, Google Anthos
    As cloud-native becomes the standard for application deployment, modern app development and the move to hybrid cloud architectures create new operational challenges. What’s more, DevOps teams are being asked to take ownership of security and compliance along with application performance and availability.

    Join us to hear how this is being addressed by Google and Sysdig customers across the Kubernetes lifecycle. We’ll discuss approaches for adopting hybrid cloud and best practices for vulnerability management, runtime security, monitoring, and forensics with Google Cloud’s Anthos and GKE.
  • Sysdig and Red Hat: Bringing together security and DevOps with OpenShift Recorded: Jan 14 2020 35 mins
    Eric Carter, Director of Product Marketing, Sysdig and Aaron Levey, Security Alliances, Red Hat
    Ensuring application security and compliance is one of the biggest challenges for any organization deploying applications in production. You need to detect and block vulnerabilities, quickly respond to incidents, and meet compliance standards and policies.

    With the Sysdig Secure DevOps Platform, you can embed security, maximize availability, and validate compliance—transforming your DevOps workflow into a secure DevOps workflow.

    In this webinar, you’ll hear about the Falco open source project, use cases for security in Red Hat OpenShift, and see a real-world demo for securing your OpenShift environment without disrupting application deployments.

    Join us to see how to:

    - Integrate vulnerability management across your CI/CD pipeline.
    - Manage regulatory compliance, audit, and risk.
    - Define security policies for detecting and blocking threats in real time.
    - Maintain visibility into containerized apps for reliable performance and operations.

    This session is moderated by Aaron Levey, Head of the Global Partner Security Segment at Red Hat.

    About the speaker:

    Eric Carter is Director of Product Marketing at Sysdig. He’s been helping enterprises optimize and accelerate systems and applications for more than two decades.

    About Sysdig:

    Sysdig enables companies to confidently run cloud-native workloads in production. With the Sysdig Secure DevOps Platform, cloud teams embed security, maximize availability, and validate compliance. The Sysdig platform is open by design with the scale, performance, and usability enterprises demand. The largest companies rely on Sysdig for cloud-native security and visibility. Learn more at www.sysdig.com.
  • Détection d'intrusion Kubernetes avec Falco et Sysdig Secure Recorded: Dec 19 2019 53 mins
    Stephane Woillez / Technical Sales Lead South Europe / Sysdig Inc.
    Pour sécuriser les conteneurs, il faut tester la vulnérabilité des images ; il faut aussi s’assurer que les clusters d’exécution ne sont pas attaqués. Pour détecter les comportements anormaux sur le run, on peut utiliser Falco, un moteur de détection d’intrusion Open Source très populaire en environnement Kubernetes. Dans ce webinar, vous allez découvrir le fonctionnement de Falco, comment l’installer, le configurer, le tester et le personnaliser. Vous comprendrez aussi comment le déployer en production à l’échelle, en environnement multi clouds, avec la plateforme Sysdig Secure.
  • Cloud and Container Security for AWS Recorded: Dec 3 2019 59 mins
    Kiley Williams, Polyverse | Dan Juengst, Red Hat | Michael Ewald, Contino | Pawan Shankar, Sysdig
    With the widespread adoption of containers (Docker, Lambda, Kubernetes) and DevOps practices, IT teams are able to make their cloud application more portable and scalable than ever before. But as containers and DevOps have taken over, so too has the need for a new approach to security. Containers, workloads, and APIs need proper protection and it all boils down to your cloud security strategy.

    Tune into this live roundtable panel at AWS re:Invent as they discuss the following:

    - Workload attacks and why container orchestration tools such as Kubernetes might be at risk
    - Secure container deployment on AWS
    - Authentication and APIs: why they're important and best practices
    - Continuous monitoring and file system security

    Moderator:
    Kiley Williams, Security Architect, Polyverse Corporation

    Panelists:
    Dan Juengst, Senior Principal Technology Evangelist, Red Hat
    Michael Ewald, Director of Engineering, Contino
    Pawan Shankar, Sr. Product Marketing Manager, Sysdig
  • Securing and Troubleshooting Kubernetes and Service Mesh Environments Recorded: Nov 26 2019 46 mins
    Christian Posta, Solo.io and Dan Papandrea, Sysdig
    Going to cloud native application architectures introduces its own set of problems such as how to deal with elastic compute infrastructure, untrusted networks, and increased complexity. Chief among the problems to solve in this new landscape is securing your data and services and troubleshooting when things go wrong. Field CTOs from Sysdig and Solo.io show how the integrated use of their technologies help solve these challenges in application modernization projects.
  • Kubernetes is picking up speed. Do you have a security game plan? Recorded: Nov 21 2019 33 mins
    Knox Anderson, Director, Product Management and Pawan Shankar, Senior Product Marketing Manager
    Your team is rapidly adopting Kubernetes. Security and compliance controls must be in place before you deploy applications in production. Feel like you could use some support putting together your security plan? Spend 45 minutes and that’s what you’ll get:

    --Practical advice on what security functions enterprises are integrating into DevOps workflows
    --Real world examples of how cloud teams are using tools to secure Kubernetes in production
    --Walk away with the checklist you need to create your game plan
  • Kubernetes is Moving to Production. Are you Ready? Recorded: Nov 13 2019 33 mins
    Chetan Mehendiratta, Vice President of Engineering at Goldman Sachs & Janet Matsuda and Knox Anderson of Sysdig
    Quickly ramping your move to containers and Kubernetes for app deployment is critical. You need to be confident you can achieve security, compliance and production-grade app availability.

    Join us for a real-world perspective on deploying containers in production. Plus, hear new ways to incorporate native Kubernetes security capabilities in your DevOps workflow.

    You’ll hear:
    --Best practices and new capabilities for securing Kubernetes and containers
    --Straight talk based on experience ramping container environments into production
    --Practical examples of how to apply tools to handle Kubernetes at scale
    --Ways DevOps pros are monitoring their environment for performance, capacity and security
  • [EMEA] Kubernetes is Moving to Production. Are you Ready? Recorded: Nov 13 2019 33 mins
    Chetan Mehendiratta, Vice President of Engineering at Goldman Sachs & Janet Matsuda and Knox Anderson of Sysdig
    Quickly ramping your move to containers and Kubernetes for app deployment is critical. You need to be confident you can achieve security, compliance and production-grade app availability.

    Join us for a real-world perspective on deploying containers in production. Plus, hear new ways to incorporate native Kubernetes security capabilities in your DevOps workflow.

    You’ll hear:
    --Best practices and new capabilities for securing Kubernetes and containers
    --Straight talk based on experience ramping container environments into production
    --Practical examples of how to apply tools to handle Kubernetes at scale
    --Ways DevOps pros are monitoring their environment for performance, capacity and security
Run Cloud-Native Workloads In Production With Confidence
As cloud native becomes the standard for application deployment, IT roles must adapt. Cloud teams are taking ownership for security, as well as application performance and availability. Tools must support a secure DevOps workflow to run Kubernetes and containers in production. Sysdig enables companies to confidently run cloud-native workloads in production. With the Sysdig Secure DevOps Platform, cloud teams can embed security, maximize availability, and validate compliance. The Sysdig platform is open by design, with the scale, performance, and usability enterprises demand. The largest companies rely on Sysdig for cloud-native security and visibility. Learn more at www.sysdig.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: DevSecOps: What to focus on first? Harnessing Best Practices & Avoiding Pitfalls
  • Live at: Jul 7 2020 8:00 pm
  • Presented by: Loris Degioanni, Chief Technology Officer and Founder, Sysdig
  • From:
Your email has been sent.
or close