Securing Microservices in Today’s Fast, Feature-Driven SDLC

Logo
Presented by

Ed Adams, Security Innovation | Claudia Dent, Everbridge | Mark Nesline, Imprivata | Trupti Shiralkar, Datadog

About this talk

Organizations are increasingly relying on microservices to modernize and scale in today’s distributed tech ecosystem. Microservices facilitate continuous delivery and deployment by offering loose coupling through modularity, fault isolation, and resiliency. However, the resulting distributed systems are often complex, with large attack surfaces, making traditional security assessments difficult. To maintain consistent security levels, teams need to standardize practices and recalibrate assessment techniques. Come learn how industry experts from product security, engineering, and product management integrate risk-based approaches to their software pipeline to release software more confidently. Topics include: - Security as a Service: Arming teams with pre-secured libraries, assessment templates, security guidance, and hardened frameworks - Rapid Risk Assessments: Evolving beyond monolithic SAST/DAST scans towards rapid component analysis - Modern Vulnerability Management: Optimizing classification systems based on component criticality, business impact potential, and mitigating controls
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (164)
Subscribers (14709)
Security Innovation is an authority on software security and helps organizations build and deploy more secure software. Global technology vendors and enterprise IT organizations such as Microsoft, IBM, FedEx, ING, Symantec, Coca-Cola and GE rely on our expertise to understand the security risks in their software systems and facilitate the software and process change necessary to mitigate them. Security Innovation specializes in software security, an area where traditional “information security” and “business” consultants tend to struggle. We have been analyzing application vulnerabilities and risk for almost a decade and were one of the first providers of software risk solutions to Fortune 500 firms. Our unrivaled proficiency in technical analysis, coupled with sound knowledge of business processes, results in world-class solutions that bridge the gap between application security holes and risk management optimization.