Hi [[ session.user.profile.firstName ]]

Are you ahead or behind? Research findings on Application Security in DevOps

DevOps is an immensely popular topic. And there is frequent debate over whether practicing DevOps makes your applications more secure or less secure. So we conducted a blind study to research the state of Secure DevOps. We will share our findings such as:

What tools and processes are mature DevOps shops using?
How mature is the average DevOps shop?
How is application security thought of in DevOps methodology?
Common misunderstandings around application security and the resulting risk.
See how we incorporated these findings to help you integrate application security into an Agile or DevOps methodology. You need not compromise.
Recorded Sep 20 2016 53 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Cindy Blake
Presentation preview: Are you ahead or behind? Research findings on Application Security in DevOps

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Diving Into DevOps in 2021 Apr 13 2021 3:00 pm UTC 45 mins
    Vince Arneja, GrammaTech
    Analysts are predicting that throughout 2021, we will continue to see the human element of DevOps shining through. Other predictions forecast that the role of AI and AIOps in DevOps teams will become more prominent and that DevOps will take a larger role in enterprise Digital Transformation efforts.

    As DevOps teams continue to grow and adapt to trends and changes that have emerged from the pandemic, it’s important to take a closer look at these changes and trends.

    Join this panel to learn what the emerging trends around DevOps are, and to hear best practices about how DevOps teams can continue to collaborate and thrive when dealing with new and increased pressures.
    Topics of discussion will include:
    - Key learnings DevOps team have experienced from the events of 2021
    - What the future for DevOps teams may look like, and how it can help businesses innovate
    - The most prominent trends impacting DevOps team and ways of working in 2021, from AIOps to new toolchains
    - And more
  • The State of Software Delivery Management: Exploring The Future of SDM Recorded: Oct 7 2020 58 mins
    Mitchell Ashley, CEO and Managing Analyst, Accelerated Strategies Group (ASG)
    Truly disruptive organizations understand that agile software delivery pipelines are at the heart of their digital transformation. However, while some organizations may understand this in theory, in practice the situation looks very different for most.

    This research set assesses the current state of Software Delivery Management (SDM) and examines the impact of SDM adoption in the enterprise. The research consists of survey data and one-on-one interviews with key industry leaders and experts to gather and further refine the data on which this report is based.

    In this talk, ASG CEO Mitch Ashley will share data from the research and show how organizations with mature SDM strategies are better able to quantify both the cost of delivery and the cost of delays in delivery. Additionally, the research will show why organizations are enjoying an improved ability to tie software features and their delivery to business impact and customer value. This presentation will also breakdown how an SDM strategy addresses the gaps and inefficiencies in an organization’s ability to deliver software, based on three key capabilities that help organizations increase their software delivery efficiency and effectiveness.

    Top takeaways from this presentation include:

    • Survey data and research to share the current state of software delivery management
    • An understanding of what it takes to successfully execute a digital transformation strategy and why it’s imperative that organizations adopt SDM capabilities
    • Three capabilities to help increase software delivery efficiency, including:
    o Quantifying the impact of investment in software delivery;
    o The capability of software delivery teams to communicate and collaborate;
    o End-to-end visibility into the value flow of software delivery streams
  • Make your business fly Recorded: Oct 7 2020 42 mins
    Alejandro Gonzalez, New Technologies Director, Aoniken Servicios IT S.A.
    In this webcast we’ll travel along the path of the development and operation of “PAD” system,
    supported by DevOps practices and infrastructure.

    This solution tracks the fueling charge of planes and helicopters by the principal oil company,
    in all the Argentinian airports.

    It’s composed of rugged tablets (front-end) running off-line (on-line when it’s possible), against
    a cloud backend, all over the country.

    The keys scenarios that our solution cover is:
    - Extensive on-field surveys and device integrations
    - Gas fueling to planes before international flights
    - Flowmeters interconnection
    - Corporate identity management
    - Assure a 24x7 operation, 99.9% SLA
  • 5 Ways to Boost DevOps ROI with Value Streams Recorded: Oct 7 2020 50 mins
    Steve Pereira, Founder, Visible Value Stream Consulting
    DevOps is driving incredible results for many companies, but many more are struggling and every team has lots of room to improve. Recent focus on the bigger picture of value streams and flow provides us a much better perspective and model for improvement. In this talk, I'll share some of what's working for leaders, and how you can see improvement with a little investment in the right areas.

    I'll share:
    - How to tackle the worst bottlenecks
    - Where automation really matters
    - Remote-friendly mapping for teams
    - Strategies for driving alignment
    - How to get metrics from mapping
  • [Panel] What Does DevOps Mean to the Business in 2020? Recorded: Oct 7 2020 58 mins
    Panel of experts
    The role of the IT department has changed in recent years and is more aligned with the business than ever. In 2020, as DevOps matures, what does this mean for the role of DevOps and Agile in delivering business outcomes?

    Join this panel as DevOps experts explore what opportunities - and challenges - DevOps and Agile can create for the business. Points of discussion will include:

    - Are businesses investing enough in DevOps and IT teams to enable them to remain competitive in a landscape of accelerated Digital Transformation?
    - How can businesses ensure that they reap the rewards of investments they do make?
    - If businesses do it right, what benefits can they expect?
  • DevOps for Apps to accelerate Industry 4.0 and AI@Edge Recorded: Oct 7 2020 51 mins
    Muralidhar Goparaju, Chief Executive Officer, AmberFlux EdgeAI Private Limited
    As we look to momentous changes unleashed by technological advances like 5G, AI, Deep Learning/Machine Learning, AI Accelerator Chips, etc., supported by social changes leading to 9-to-5 jobs taking newer meanings with WFH with higher autonomy for business users. DevOps provides an opportunity for enterprises leapfrog to Industry 4.0 by leveraging their internal data, social media data and finding effective ways to analyze, learn, and inferencing the data from the millions of edge devices to give business users the power to take autonomous decisions within real-time and meet the regulatory and risk management requirements.

    Traditional App Dev models that needed elaborate software lifecycle and testing, and an extended roll-out plan, will pose severe challenges in Industry 4.0, and it requires real-time updates rolled out to all users. The traditional models that relied on IT development, Implementation and Processes are now blurred as business users rely more on AI to perform many of the tasks being performed by business process organizations.

    To achieve Industry 4.0, enterprises need to critically relook at their internal processes and work towards leveraging AI for many of the tasks that are being done manually today, and then push the inferencing from these AI tools to the end business users. Enterprises would need to rapidly push these inferences from AI tools to the end-users and at the same time keep constantly updating their learning, analysis and inferences on real-time basis from the millions of data generators from devices, users, and social media to ensure that the users always have most current AI inference on their devices. All these updates, including Cloud based machine learning, analysis and AI inferencing and all the business users devices (like mobile, laptops, tablets, AR/VR, wearables, etc., ) need to happen in real-time.
  • No Time to Test Recorded: Oct 7 2020 42 mins
    Nick Denning, CEO, Diegesis Limited
    “No Time to Test” – an approach to starting the testing journey with people who think module testing is all you have to do.

    You are called in by a development manager who is suffering because of crashes in the system causing outages at critical times and significant revenue losses. They know they have to do something about testing but doesn’t know how to get started or obtain buy in. The situation is that the system is huge and complex. To properly scope out a full functional and regression test plan might take years. At the same time the developers are not interested, providing the blame cannot be pinned on them.

    The point of this session is to discuss how to present a strategy that will allow you to make a realistic start without promising the undeliverable.
  • Don’t miss the train! Test automation is finally growing up. Recorded: Oct 7 2020 65 mins
    Marcel Veselka, Visionary, Tesena;
    The search for more efficient, quicker and cheaper testing has been ongoing for a long time. In the past test automation was frequently presented as the solution to this problem. These days it has become at least a small part of any modern software testing process. However, in the next four years the test automation market will grow 2.3 fold to over 25 billion USD.
    But it’s not only the size of test automation that is growing, it’s also increasing in maturity. It is now better that ever before as the tools are getting to grow more advanced and the practices more mature.
    We will share with you how test automation market is changing, what are the current hot trends, and what new opportunities these will bring to us. Some of the most interesting innovations relate to improving scope selection, execution and maintenance of the automated test pack, powered by AI and ML.
    This talk will give a high-level, understandable introduction to what’s happening and is about to happen in test automation. The target audience is testers, developers and technical resources.
  • The Goldilocks Problem of Software Delivery Recorded: Oct 6 2020 63 mins
    Anders Wallgren, VP of Tech Strategy, CloudBees
    Over the last 15 years, organizations have had difficulty with the entire software delivery process, but two artifacts in particular became a recurring problem. The problem stems from the Goldilocks principle: one of these artifacts is much too big to overcome efficiently, and one of them is much too small to make a significant impact, so we need to find the one that is just right.

    So what artifact is “just right?” As the user, what we really care about are the Features: the stuff we use and interact with all the time to make our daily lives better. However, the systems we have today haven't advanced to the point where software features are the nearest proxy for customer value. In other words, the feature must be at the forefront of the UI.

    In this talk, I will share why features are the proxy for value and explore the different levels of abstraction for the “just right” aspect of a Feature in order to shift people's mindset from thinking in terms of Builds or Releases, to thinking in terms of the customer and business value. I will share tactics to address the Goldilocks problem and how to have these discussions at the right level of the software in order to make prioritizations, decisions, and discoveries.

    What Attendees Will Learn:

    A different perspective about software delivery, which will help them make better decisions about which features to pursue and builds/releases to postpone.

    Learn why features are the future and how they are the perfect middle-ground between individual builds and major releases.

    How to ultimately break free from the Goldilocks problem of software delivery.
  • Fastest Way to go from Prototype to Production with Machine Learning Recorded: Oct 6 2020 64 mins
    Vinay Rao is the CEO and co-founder of RocketML
    Artificial Intelligence (AI) techniques are enjoying rapid adoption by all sizes of businesses across the world. However, evolving AI from
    “Prototyping” activities to “Production” face many challenges, in large part due to the radically different development and deployment profile of
    modern Machine Learning (ML) methods, and the range of practical issues that come with real-world use cases.

    This webinar will identify the challenges and demonstrate how these challenges could be mitigated with a remarkably scalable, flexible and
    extensible ML platform.
  • Why Test Automation Fails… and how you will succeed! Recorded: Oct 6 2020 58 mins
    David Milette, Co-Founder and Managing Director of SQALogic; Luigi Iuliani, Solutions Architect, DevSecOps
    Have you or your organisation tried to implement test automation and failed in doing so? Don’t be ashamed, you are far from being alone! The sad truth of the matter is most test automation initiatives fail!

    Attend this webinar and learn how to finally achieve the goal of fully functional test automation and reap the many benefits and rewards this will provide.

    About this Webinar
    2020 Has forced many organisations to revisit the way they do things and seek out ways to gain efficiencies and lower costs. While many development teams are turning to Agile methodologies and DevOps strategies in order to achieve better quality software and faster production releases, in many cases testing and quality assurance is proving to be a bottleneck. Automation is the only way to allow these new development strategies to achieve their full potential. This webinar will be of interest to anyone seeking to understand how to finally eliminate the roadblocks that have hindered so many others in the past from making test automation simply work!

    Join us as we take you through the reasons why test automation fails and equip you with the tools and understanding to put you finally on your way to success!
  • Effective Risk Management through DevSecOps Testing Recorded: Oct 6 2020 51 mins
    Gary Robinson, CEO of Uleska & Global Board Member of OWASP; Todd Carey, Director, PwC
    Companies are moving to security automation to protect their software and assets. In this presentation PwC and Uleska will discuss the trend towards DevOps and Digital Transformation, and the risks that introduces for companies. Learn about the current problems with DevOps Security, scalability, and effective regulatory coverage through DevSecOps.

    Key takeaways will include:
    • How to scale DevSecOps
    • How to move from measuring inherent risk with software, to residual risk, automatically, and at scale
    • What are the current best practices we see in the industry, and what are the blockers
    • What will the future of security automation look like
  • DevSecOps – Ensuring built-in-Security in an evolved DevOps landscape Recorded: Oct 6 2020 67 mins
    Sesh Murthy, Cloud Raxak CTO and Co-Founder; Tarun Krishnamurthy Managing Partner, Anzen Technology Partners
    DevSecOps extends DevOps, in that everyone in the software development life cycle is responsible
    for security bringing operations and development together with security functions. DevSecOps
    embeds security in every part of the development and operations processes. It is about automating
    core security tasks by embedding security controls and processes early in the DevOps workflow
    (rather than being bolted on at the end). For example, this could be the case when migrating to
    microservices, building out a CI/CD pipeline, compliance automation or simply testing cloud
    infrastructure. It is about getting security back into the lifecycle, or as it has been described: ‘shifting security left’.

    Integrating security into DevOps to deliver DevSecOps requires new mindsets, processes, and tools.
    Starting with continual Risk Assessment, Security and Risk Management leaders need to adhere to
    the collaborative, agile nature of DevOps to be seamless and transparent in the development
    process, making security as silent, encompassing, and seamless as possible.

    How to get a business to approach built-in security, from the beginning and continually:
    1. By establishing a security and data privacy strategy – a Security Program spanning people, process, products with Risk Assessment and Policies.
    2. Integrating Data Protection, Secure Coding and Testing practices within the engineering
    3. Leveraging automation to integrate security into the DevOps & CI/CD pipeline – from code scanners through to continuous security configuration management and remediation – in Dev, Testing, Staging, Production environments.
    4. Finally, staying abreast of practices, regulations, auditing and remaining certified, in true intent and spirit.
  • The Journey to 360 Test Automation: “One AI Platform to Unite Them All” Recorded: Oct 6 2020 26 mins
    Faz Ahmad, Business Development Manager, Prolifics Testing
    Join Prolifics Testing to hear how their Test Automation journey for clients has entered a new phase: an AI-driven, containerized Test Automation platform with inbuilt self-healing scripts - best of all it’s based on Open Source components and free!

    If you are interested in “Having it all” and bringing together your strategy for web, desktop, mobile and API Test Automation for Functional, Performance and Security Testing, join this session to hear Faz Ahmad show you the way.
  • Rethinking Test Automation Recorded: Oct 6 2020 59 mins
    Paul Gerrard, Principal, Gerrard Consulting
    Test (execution) automation has been a goal since the earliest programs were written. The mechanics of automated tests have evolved with the technology used to build software, but the fundamental problems of test automation have not changed. Establishing a consistent environment, creating integral and re-usable test data, handling genuine failures, false negatives (and positives), tear-down, and clean-up. These are well-understood challenges. Developers and testers battle with flaky environments, test frameworks, and buggy software under test much the same way they always did. There is little debate about these technical or logistical matters.

    The use of unit test frameworks to test low-level components and integration is well-understood and usually most effective. But where the user interface is graphical and/or where tests of larger, integrated systems are required, test automation is more challenging. These tests tend to be longer, slower, and more complex and consequently, they are harder to write, debug, and maintain. These tests also run relatively slowly. All in all, long-winded, complex tests are flaky and far less efficient and economic. Two models dominate people’s thinking in this area – the four-quadrant model and the test automation pyramid. They have some value, but practitioners and managers need something better to guide their thinking.

    This is the “state of automation” and has been for many years.

    In this talk, Paul sets out a way of thinking about testing and test automation that helps to answer the strategic questions: What does test automation really do for us? When and how is automation the right choice? How do we justify automation? Can automation replace testers? What new tools and skills do we need to implement automation in the future?
  • A Multi-tenant Multi-cluster Kubernetes Datapocalypse is Coming Recorded: Jun 23 2020 57 mins
    Paul Burt, Technical Product Marketing Engineer, NetApp; Jim Fister, Principal, The Decision Place
    The need for rapid deployment of scalable clusters is creating an opportunity for container solutions such as Kubernetes. But what are the implications of multiple Kubernetes clusters in a broad deployment? What happens if a cluster goes down? What’s the impact on business resiliency? Managing and securing multiple clusters is becoming a key topic and area of debate. Multi-cluster Kubernetes that provides robustness & resilience is rapidly moving from “best practice” to a “must have”.

    In this webcast we’ll dive into:
    •The history of multi-cluster Kubernetes
    •How multi-cluster setups could affect data heavy workloads (such as multiple microservices backed by independent data stores)
    •Managing multiple clusters
    •Keeping the business functioning if a cluster goes down
    •How to prepare for the coming datapocalypse

    After you watch the webcast, check out the Q&A blog at: https://bit.ly/2DE91fL
  • Cloud Native DevOps: Why Kubernetes is a game-changer for enterprises Recorded: Apr 23 2020 49 mins
    Jim Bugwadia, Founder and CEO, Nirmata
    Cloud native technologies, like containers and Kubernetes, enable enterprise agility at scale and without compromises. In this session, Jim Bugwadia, who is a founder and the CEO at Nirmata - the Kubernetes Management Plane for Enterprises, will show how enterprises can warp speed their DevOps initiatives by embracing cloud native technologies. You will learn:

    - How containers and Kubernetes impact enterprise DevOps
    - What organizational patterns drive successful Kubernetes adoption
    - How to approach hybrid and multi-cloud strategies with Kubernetes
  • Oracle Databases in a DevOps World Recorded: Apr 23 2020 59 mins
    Nick Walter, Principal Architect
    Have you automated your entire CI/CD pipeline except for the manual DBA actions? Are untested SQL scripts your main source of deployment issues? You aren't alone. Many shops that embrace DevOps principles realize improvements in almost all areas... except for databases. In this talk, we will explore both methods for bringing Oracle DBA teams into a DevOps mindset, and practices for leveraging the benefits of DevOps automation for Oracle database operations.
  • Strategies for Driving DevOps Transformation in the Enterprise Recorded: Apr 23 2020 48 mins
    Jeanne Morain - iSpeak Cloud; Graham Berry - OpenShift, RedHat; Mark Berry - 6point6; TJ Gonen - Check Point
    Some analysts say that DevOps is starting to reach maturity, and as such there are numerous tools flooding the market. But all good tools only reap true benefits if there is a solid strategy to their use and implementation.

    Join this webinar as we take a closer look at how solid DevOps strategies can support emerging tools and foster transformation in mission-critical software environments.

    Topics will include:

    - Why it’s crucial to build a culture of continuous, collaborative improvement and evolution between dev and ops
    - What metrics and approaches can help to forecast the value of DevOps accurately
    - Foundational success factors, including management buy-in, the maturity of current processes, and CI/CD tools

    - Jeanne Morain - Founder, iSpeak Cloud

    - Graham Berry - EMEA Sales Lead - OpenShift, RedHat
    - Mark Berry - DevOps Director, 6point6
    - TJ Gonen - Head of Cloud Security Programs, Check Point
  • From Data Dependence to Testing Transcendence Recorded: Apr 22 2020 43 mins
    Akila Kavo, Delivery Manager, Emerging Technology, tap|QA
    Have you ever had challenges with unsuitable test data? Have you lost time each cycle due to tracing back data questions to key team members?
    Is your data structure so complicated and under-documented that you struggle to know where to even start?

    Whether you are contributing to a project using the latest technology trends or an antiquated mainframe system running on punch cards,
    having a robust Test Data Management Strategy in place is crucial to the timely and smooth execution of your testing effort.

    Join tap|QA's Akila Kavo, Delivery Manager of Emerging Technology, as we’ll explore best practices and real world examples in Test Data Management with a keen focus on how to integrate with your test automation solution.

    We’ll dive into the following topics:

    1) Why TDM is so important
    2) What questions to ask to properly identify your problems
    3) Strategies in creating the best TDM environment possible honed from multiple consulting engagements!
    4) A technical demonstration of different approaches

    Attendees will learn what questions to ask to get to the root source of data management woes. We’ll focus on how to solution a Test Data Management strategy, and plan its implementation.

    You’ll learn what metrics to capture and how you can use them to quantify the value you are providing to the business.
Trends and insights for developing apps and maintaining service
The webcasts in this channel will highlight trends and best practices for the application development lifecycle as well as how to make sure your application maintain a steady level of service.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Are you ahead or behind? Research findings on Application Security in DevOps
  • Live at: Sep 20 2016 3:00 pm
  • Presented by: Cindy Blake
  • From:
Your email has been sent.
or close