Hi [[ session.user.profile.firstName ]]

A Comprehensive Guide To DevOps

Key Takeaways:
* What culture changes from traditional development (agile) to DevOps?
* What are the ways to integrate security testing into DevOps CI/CD pipelines?
* What kind of experimentation and staff is needed to effectively roll out DevOps programs?
Recorded Dec 8 2020 26 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jim Manico, Founder, Manicode Security
Presentation preview: A Comprehensive Guide To DevOps

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Winning the AppSec Battle in Digital Transformation Apr 28 2021 3:00 pm UTC 45 mins
    James Rees - MD at Razorthorn, Robbie Tyrie - Security Manager at Aegon Bank and Charles Dehnel - CSM at Secure Code Warrior
    We’ve all seen a dramatic change in how we operate since March 2020. More businesses are either reviewing their existing software solutions, or migrating to ‘as a service’ options to meet evolving customer needs. At the same time the way we work has changed forever, with flexible and remote working here for the foreseeable future.
    These changes give rise to new security concerns; from the security gaps existing in our infrastructure, to hidden risks in third-party software that we’re increasingly reliant on. How can we embrace digital change without putting ourselves at risk? Join us as we get to grips with this complex topic. We’ll cover:

    - The history of security in coding and the great security - development divide
    - How these have influenced the recent security breaches we’re seeing these days
    - What can be done to fix the problem
  • Is Security a Developer's Problem? Recorded: Mar 25 2021 57 mins
    Jonny Tennyson - Head of CS at Irius Risk, Stefania Chaplin - Sales Engineer at Secure Code Warrior
    Technology has exploded. And it ALL needs to be secured. Yet, security teams don’t have the manpower to cover all bases in times of rapid technological growth and evolving cybersecurity threats.

    In this discussion we cover the big questions:

    Is security exclusively the problem of security teams?
    Is it only security teams that determine what can go wrong?
    Is tooling really the answer?

    Join us, we're sure you'll pick up something new and interesting.
  • Upskilling: The Missing Link to Close The Security Gap For AppSec Recorded: Mar 24 2021 28 mins
    Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior
    We continue to face an enormous shortfall in security-aware developers in the workforce. With cyber threats increasing globally and the recurrence of common vulnerabilities in our code, it’s crucial we obtain the skills to protect the software and critical infrastructure we rely on.

    Rather than investing in more tools, is upskilling the answer?

    Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.

    Discussion topics include:

    - How equipped are organisations to upskill their cyber capabilities?

    - With the rapid transition to remote working and digitalisation, how
    important have application security become in the cybersecurity mix?

    - The importance of the human factor and ongoing training to minimise
    security risks.

    - Standards and certifications: What to look for when recruiting security-
    aware professionals.
  • (APAC) Upskilling: The Missing Link to Close The Security Gap For AppSec Recorded: Mar 24 2021 28 mins
    Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior
    We continue to face an enormous shortfall in security-aware developers in the workforce. With cyber threats increasing globally and the recurrence of common vulnerabilities in our code, it’s crucial we obtain the skills to protect the software and critical infrastructure we rely on.

    Rather than investing in more tools, is upskilling the answer?

    Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.

    Discussion topics include:

    - How equipped are organisations to upskill their cyber capabilities?

    - With the rapid transition to remote working and digitalisation, how
    important have application security become in the cybersecurity mix?

    - The importance of the human factor and ongoing training to minimise
    security risks.

    - Standards and certifications: What to look for when recruiting security-
    aware professionals.
  • Marks and Spencer: Why AppSec Gets the Short End of the Security Budget Stick Recorded: Feb 25 2021 28 mins
    Lee Thurlow, Head of AppSec @Marks and Spencer
    In this interview with Lee Thurlow, Head of AppSec at Marks and Spencer we discuss why AppSec is usually put towards the bottom of the list when it comes to the overall security budget. In this session you will learn:
    - How to change the narrative to position AppSec as a high priority for your organisation
    - Lee's top tips for great AppSec achievements
  • Marks and Spencer: Why AppSec Gets the Short End of the Security Budget Stick Recorded: Feb 25 2021 28 mins
    Lee Thurlow, Head of AppSec @Marks and Spencer
    In this interview with Lee Thurlow, Head of AppSec at Marks and Spencer we discuss why AppSec is usually put towards the bottom of the list when it comes to the overall security budget. In this session you will learn:
    - How to change the narrative to position AppSec as a high priority for your organisation
    - How the cost of breaches are rapidly increasing
  • Beyond Compliance: Tips to Deliver Engaging Application Security Recorded: Jan 19 2021 49 mins
    Scott Russo, Cloud Security Manager
    About this Webinar
    Do your development teams treat application security training as a check the box exercise? Do you wish they would engage more with cybersecurity and even take ownership? This session covers tips for creating an application security training program where developers will come to you! And you can accomplish this without having to build your training from the ground up. Join this session to learn a few practical tips on how to make an outstanding application security training experience.

    Key items:

    - How to create an engaging story to draw an audience
    - Making Buy vs Build & Optional vs Mandatory decisions
    - Applying basic marketing principles to training
    - Attracting a community of instructors
  • (APAC) Beyond Compliance: Tips to Deliver Engaging Application Security Recorded: Jan 19 2021 49 mins
    Scott Russo, Cloud Security Manager
    About this Webinar
    Do your development teams treat application security training as a check the box exercise? Do you wish they would engage more with cybersecurity and even take ownership? This session covers tips for creating an application security training program where developers will come to you! And you can accomplish this without having to build your training from the ground up. Join this session to learn a few practical tips on how to make an outstanding application security training experience.

    Key items:

    - How to create an engaging story to draw an audience
    - Making Buy vs Build & Optional vs Mandatory decisions
    - Applying basic marketing principles to training
    - Attracting a community of instructors
  • What is DevOps? Recorded: Nov 17 2020 26 mins
    Jim Manico, Founder, Manicode Security
    Key Takeaways:
    * What culture changes from traditional development (agile) to DevOps?
    * What are the ways to integrate security testing into DevOps CI/CD pipelines?
    * What kind of experimentation and staff is needed to effectively roll out DevOps programs?
  • Best Practices for Achieving an Awesome SOC 2 Report Recorded: Sep 10 2020 25 mins
    Vincent Gilbert, Information Security Lead @ Fundapps & Stefania Chaplin, Solutions Architect @ Secure Code Warrior
    Sometimes it can feel extremely overwhelming when running into the project of a SOC report. That's why we've teamed up with some industry experts to talk through some of their top tips for when trying to get a SOC2 report. Watch this webinar to learn:
    - What a report looks like
    - What the difference is between type 1 and 2 report
    - What controls are needed
    - Top tips for when trying to get a SOC 2 report
    - How coding practices come into play in SOC 2
  • Embedded Systems and Empowering Your Team Recorded: Jul 7 2020 31 mins
    Matias Madou & Stefania Chaplin
    Smart Products, Internet of Things, Automated Control and Management of production and distribution systems are just some of the things fueling the development of embedded systems. But as we rely more and more on products and processes that have embedded software what are the impacts of security vulnerabilities in those systems for their operation, privacy and safety and how do we mitigate them?

    Hear from Secure Code Warriors’ CTO Matias Modou on the steps you can take to reduce the number of common vulnerabilities in the systems you produce whilst accelerating time to delivery and reducing costs.
  • Tools Vs People: Is your AppSec budget adequately addressing both? Recorded: Jun 30 2020 44 mins
    Cedric Levy Bencheton, Lee Thurlow, Lewis Bramfitt, Reena Shah
    For a long time, organisations have been aware of the growing application security risk surrounding their software. With data breaches seemingly announced every other day, many are working quickly to lower their risk exposure and secure the valuable data that could potentially be accessed by unscrupulous attackers.

    The strategy employed to mitigate risk is often tool-centric, with SAST /IAST /DAST scanning tools playing a major role in finding vulnerable code that could be exploited within applications. However, with the immense cost and frequently ineffective results, many companies are searching for their 11magic bullet11 to reduce risk.

    Meet a panel of experts who will tell their stories of success, including their own strategies for balancing tools with adequate training and people investment, in order to achieve the security best practice needed to safely navigate a world of increased scrutiny and attack potency.
  • Non-functional, Non-optional - Security’s Role in a World of Software Recorded: Jun 30 2020 29 mins
    Grant Ongers, Global Board of Directors at OWASP Foundation | CTO Secure Delivery
    IT Security Specialist, Grant Ongers will take a look at:
    - The rapid changing world of software
    - How security is becoming a non-optional aspect of software development
    - Importance of shared security responsibility between traditional security and development teams
  • What is DevOps? Recorded: Jun 30 2020 27 mins
    Jim Manico, Founder, Manicode Security
    Key Takeaways:
    * What culture changes from traditional development (agile) to DevOps?
    * What are the ways to integrate security testing into DevOps CI/CD pipelines?
    * What kind of experimentation and staff is needed to effectively roll out DevOps programs?
  • Tools Vs People: Is your AppSec budget adequately addressing both? Recorded: Jun 30 2020 44 mins
    Cedric Levy Bencheton, Lee Thurlow, Lewis Bramfitt, Reena Shah
    For a long time, organisations have been aware of the growing application security risk surrounding their software. With data breaches seemingly announced every other day, many are working quickly to lower their risk exposure and secure the valuable data that could potentially be accessed by unscrupulous attackers.

    The strategy employed to mitigate risk is often tool-centric, with SAST /IAST /DAST scanning tools playing a major role in finding vulnerable code that could be exploited within applications. However, with the immense cost and frequently ineffective results, many companies are searching for their 11magic bullet11 to reduce risk.

    Meet a panel of experts who will tell their stories of success, including their own strategies for balancing tools with adequate training and people investment, in order to achieve the security best practice needed to safely navigate a world of increased scrutiny and attack potency.
  • Non-functional, Non-optional - Security’s Role in a World of Software Recorded: Jun 30 2020 29 mins
    Grant Ongers, Global Board of Directors at OWASP Foundation | CTO Secure Delivery
    IT Security Specialist, Grant Ongers will take a look at:
    - The rapid changing world of software
    - How security is becoming a non-optional aspect of software development
    - Importance of shared security responsibility between traditional security and development teams
  • What is DevOps? Recorded: Jun 30 2020 27 mins
    Jim Manico, Founder, Manicode Security
    Key Takeaways:
    * What culture changes from traditional development (agile) to DevOps?
    * What are the ways to integrate security testing into DevOps CI/CD pipelines?
    * What kind of experimentation and staff is needed to effectively roll out DevOps programs?
  • Tools Vs People: Is your AppSec budget adequately addressing both? Recorded: Jun 30 2020 44 mins
    Cedric Levy Bencheton, Lee Thurlow, Lewis Bramfitt, Reena Shah
    For a long time, organisations have been aware of the growing application security risk surrounding their software. With data breaches seemingly announced every other day, many are working quickly to lower their risk exposure and secure the valuable data that could potentially be accessed by unscrupulous attackers.

    The strategy employed to mitigate risk is often tool-centric, with SAST /IAST /DAST scanning tools playing a major role in finding vulnerable code that could be exploited within applications. However, with the immense cost and frequently ineffective results, many companies are searching for their 11magic bullet11 to reduce risk.

    Meet a panel of experts who will tell their stories of success, including their own strategies for balancing tools with adequate training and people investment, in order to achieve the security best practice needed to safely navigate a world of increased scrutiny and attack potency.
  • Non-functional, Non-optional - Security’s Role in a World of Software Recorded: Jun 30 2020 29 mins
    Grant Ongers, Global Board of Directors at OWASP Foundation | CTO Secure Delivery
    IT Security Specialist, Grant Ongers will take a look at:
    - The rapid changing world of software
    - How security is becoming a non-optional aspect of software development
    - Importance of shared security responsibility between traditional security and development teams
  • What is DevOps? Recorded: Jun 30 2020 27 mins
    Jim Manico, Founder, Manicode Security
    Key Takeaways:
    * What culture changes from traditional development (agile) to DevOps?
    * What are the ways to integrate security testing into DevOps CI/CD pipelines?
    * What kind of experimentation and staff is needed to effectively roll out DevOps programs?
Enabling developers to write secure code.
Secure Code Warrior® is the secure coding company. We have developed an online secure coding platform that helps Developers to think and act with a security mindset every day. Companies can then scale their secure coding excellence as coders and Development teams build and verify their software security skills, gain real-time advice, and monitor skills development.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: A Comprehensive Guide To DevOps
  • Live at: Dec 8 2020 12:00 am
  • Presented by: Jim Manico, Founder, Manicode Security
  • From:
Your email has been sent.
or close