SlideShare una empresa de Scribd logo

Democratizing security

Sanjeev Sharma
Sanjeev Sharma

This document discusses democratizing security as the next frontier for DevSecOps adoption in enterprises. It covers evolving delivery practices like Agile, DevOps, and SRE. Democratizing involves making capabilities self-service, granting permission to act with guardrails, and building trust. This includes democratizing infrastructure, software delivery, data, and security by making them technology agnostic, self-service, and including them in the DevSecOps toolchain to improve applications, platforms, processes, and culture. Security chaos engineering and value stream mapping are also discussed as ways to identify vulnerabilities and inefficiencies to continuously improve operational readiness and adoption.

Tecnología
1 de 27
Descargar para leer sin conexión
COPYRIGHT © 2020 ACCELERATED STRATEGIES GROUP, INC. ALL RIGHTS RESERVED. Democratizing Security - the next frontier for DevSecOps adoption in the Enterprise Sanjeev Sharma, Principal Analyst
• 20+ Years experience in Software Development and Delivery, Cloud Adoption and Data Modernization • Led the Data Modernization Practice at Delphix • Driving the definition of ‘DataOps’ for Application Delivery, and AI and Machine Learning • IBM Distinguished Engineer, and IBM’s 1st CTO for DevOps Adoption owning the DevOps practice • Chair of the Architecture Review Board for IBM’s response to the DoD’s JEDI RFP • Conference Keynote speaker, Blogger, Podcaster and Vlogger • Author of two bestseller books: • DevOps For Dummies: https://ibm.biz/BdsPMX • The DevOps Adoption Playbook: http://amzn.to/2hH7rt2 All about me - Sanjeev Sharma
1. Evolution of Delivery Practices 2. Democratization of Application Delivery 3. Security Chaos Engineering 4. Value Stream Mapping Agenda
Evolution of Delivery Practices
SRE Agile DevOps Develop right things right Deliver with speed Deliver with Reliability Evolving Application Delivery from Agile to DevOps
Continuous Integration Continuous Delivery Shift Left Test Shift Left Ops Culture Development SCM Build Package Repo Deploy Testing Staging Production FeedbackPlanning Manage DevOps in a Nutshell: 1. Improve the Application/System being delivered 2. Improve the platform on which it is delivered 3. Improve the processes by which it is being delivered 4. Improve the culture of the organization delivering it DevOps
Why DevSecOps? Security concerns and challenges are growing $57M Google GDPR Fine 4700 Breaches in 2018 11 Bn Records exposed 2018 Becoming a custodian of user data is becoming a differentiator You are not our product. Our products are iPhones and iPads. We treasure your data. We wanna help you keep it private and keep it safe. - Tim Cook, CEO, Apple
Democratization
1874 - Solid Wood 1947 - Laminated Wood 1968 – Steel Racquet 1993 – Graphite Racquet 2008 – Aerodynamic Racquet Democratization of Technology
1. Self-service 2. Permission to act 3. Guardrails 4. Trust Tenets of Democratizing of IT Services
DevOps: Democratizing the Application Delivery Pipeline Democratize Infrastructure Democratize Software Delivery Democratize Data Democratize Security Application Delivery Practitioners
Democratizing Infrastructure with Cloud Become Technology Stack Agnostic Self-service Provisioning and Configuration Infrastructure as Code (IaaC) Elastic Services for on-demand scale Role Based Access Control Democratize Infrastructure 1. Improve the platform 2. Improve the processes 3. Improve the culture
Democratizing Software Delivery with DevSecOps Become Technology Stack Agnostic Make DevSecOps capabilities Self Service Integrated end-to-end toolchain Automated Testing and Validation Include Security in the DevSecOps toolchain Democratize Software Delivery 1. Improve the Application/System 2. Improve the processes 3. Improve the culture
Democratizing Data Democratize Data Become Data Source Agnostic Make Data Available Self Service Manage Data Like Code Mitigate Data Privacy & Compliance Risks Include Data Management in the DevSecOps toolchain 1. Improve the Application/System 2. Improve the platform 3. Improve the processes 4. Improve the culture
Democratizing Security Become Technology Stack Agnostic Make Security* Self Service Manage Security* Like Code Automate Mitigation of Security & Compliance Risks Include Security* in the DevOps toolchain Democratize Security * Security Implementation, Validation and Enforcement 1. Secure the Application/System 2. Secure the platform 3. Secure the processes 4. Secure the culture
Business Initiatives: Create New Revenue Streams Improve Quality Accelerate Time to Market Comply with Regulations The Challenge : High Complexity High Cost Multiple Demands High Complexity - Multiple Technology stacks - On Premises and Cloud - Departmental Silos - Legacy, Cloud-native, SaaS applications and services - Open-source sprawl High Cost - Compliance & Governance Policies - Regulatory overhead - Audit and Compliance overhead - Cybersecurity threat preparedness Multiple Demands - Business: Innovation and Monetization - Developers: Continuous Delivery - Analytics Teams: Massive, diverse data sets - Security Teams: Lack of talent and technology expertise
Security Chaos Engineering
One way to make sure you can deal with a flat tire on the freeway, in the rain, in the middle of the night is to poke a hole in your tire once a week in your driveway on a Sunday afternoon and go through the drill of replacing it. Chaos Engineering
Antifragile: Things that are neither fragile or robust, but rather thrive in chaos. Achieving Antifragility
The Chaos is Real https://www.sophos.com/en-us/medialibrary/PDFs/Whitepaper/sophos-exposed-cyberattacks-on-cloud-honeypots-wp.pdf
Security Chaos Engineering Security Chaos Engineering is the discipline of instrumentation, identification, and remediation of failure within security controls through proactive experimentation to build confidence in the system's ability to defend against malicious conditions in production.
Security Chaos Engineering implementation 1. End-to-end Continuous Instrumentation 2. Continuous Readiness Assessment 3. Continuous Security Gap Analysis 4. Automation to identify, detect, and remediate security failures 5. Focus on vulnerability and failure identification 6. Continuous improvement of Operational Readiness
Value Stream Mapping
Idea/Feature/Bug Fix/ Enhancement Production Development Build QA SIT UAT Prod PMO Requirements/ Analyst Developer CustomersLine of Business Build Engineer QA Team Integration Tester User/Tester Operations Artifact Repository Deployment Engineer Release Management Code Repository Deploy Get Feedback Infrastructure as Code/ Cloud Patterns Feedback Customer or Customer Surrogate Data Tasks Artifacts Value Stream Mapping to Identify: • Waste • Wait-States • Rework Value Stream Mapping to Develop an Adoption Roadmap
• Review the current state o Business goals, IT goals, current initiatives o Requirements o Environments o Repositories o Data Sources/Architecture o Roles / Organization o Metrics o Other • Prioritize Waste, Wait states and Rework • Create a first pass at a roadmap to address inefficiencies Next Step: DevOps Value Stream Mapping Workshop
Sanjeev Sharma sanjeev@accelst.com @sd_architect http://sdarchitect.blog http://accelST.com Contact
KNOWLEDGE WANTS TO BE FREE COPYRIGHT © 2020 ACCELERATED STRATEGIES GROUP, INC. ALL RIGHTS RESERVED

Recomendados

My code, my environment, and yes, my data
My code, my environment, and yes, my dataMy code, my environment, and yes, my data
My code, my environment, and yes, my dataSanjeev Sharma
 
DeliverAgile2018 - from Apollo 13 to Google SRE
DeliverAgile2018 - from Apollo 13 to Google SREDeliverAgile2018 - from Apollo 13 to Google SRE
DeliverAgile2018 - from Apollo 13 to Google SRESanjeev Sharma
 
The Muda, Mura and Muri of DevOps
The Muda, Mura and Muri of DevOpsThe Muda, Mura and Muri of DevOps
The Muda, Mura and Muri of DevOpsSanjeev Sharma
 
From Apollo 13 to Google SRE
From Apollo 13 to Google SREFrom Apollo 13 to Google SRE
From Apollo 13 to Google SRESanjeev Sharma
 
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRE
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRECloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRE
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRESanjeev Sharma
 
How NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsHow NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsSanjeev Sharma
 
Security and DevOps - Managing Security in a DevOps Enterprise
Security and DevOps - Managing Security in a DevOps EnterpriseSecurity and DevOps - Managing Security in a DevOps Enterprise
Security and DevOps - Managing Security in a DevOps EnterpriseClaudia Ring
 
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Sanjeev Sharma
 

Recomendados

My code, my environment, and yes, my data
My code, my environment, and yes, my dataMy code, my environment, and yes, my data
My code, my environment, and yes, my dataSanjeev Sharma
 
DeliverAgile2018 - from Apollo 13 to Google SRE
DeliverAgile2018 - from Apollo 13 to Google SREDeliverAgile2018 - from Apollo 13 to Google SRE
DeliverAgile2018 - from Apollo 13 to Google SRESanjeev Sharma
 
The Muda, Mura and Muri of DevOps
The Muda, Mura and Muri of DevOpsThe Muda, Mura and Muri of DevOps
The Muda, Mura and Muri of DevOpsSanjeev Sharma
 
From Apollo 13 to Google SRE
From Apollo 13 to Google SREFrom Apollo 13 to Google SRE
From Apollo 13 to Google SRESanjeev Sharma
 
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRE
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRECloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRE
Cloud expo 2018: From Apollo 13 to Google SRE - When DevOps meets SRESanjeev Sharma
 
How NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsHow NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsSanjeev Sharma
 
Security and DevOps - Managing Security in a DevOps Enterprise
Security and DevOps - Managing Security in a DevOps EnterpriseSecurity and DevOps - Managing Security in a DevOps Enterprise
Security and DevOps - Managing Security in a DevOps EnterpriseClaudia Ring
 
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Sanjeev Sharma
 
Hybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode DeployHybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode DeployClaudia Ring
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleSanjeev Sharma
 
Mastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarMastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarClaudia Ring
 
DevOps in the Hybrid Cloud
DevOps in the Hybrid CloudDevOps in the Hybrid Cloud
DevOps in the Hybrid CloudRichard Irving
 
The Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeThe Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeIBM UrbanCode Products
 
Bluemix DevOps Meetup
Bluemix DevOps MeetupBluemix DevOps Meetup
Bluemix DevOps MeetupKyle Brown
 
Gartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid CloudGartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid CloudRosalind Radcliffe
 
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...Chris Haddad
 
DevOps Thinking for the Line of Business
DevOps Thinking for the Line of BusinessDevOps Thinking for the Line of Business
DevOps Thinking for the Line of BusinessSanjeev Sharma
 
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Michael Elder
 
Cloud Native Operations
Cloud Native OperationsCloud Native Operations
Cloud Native OperationsMichael Mueller
 
Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2VMware Tanzu
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentSam Garforth
 
Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessXebiaLabs
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...Siva Rama Krishna Chunduru
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeSanjeev Sharma
 
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)VMware Tanzu
 
Accelerating Time to Market
Accelerating Time to MarketAccelerating Time to Market
Accelerating Time to MarketVMware Tanzu
 
IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017IBM DevOps
 
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)VMware Tanzu
 
Succeeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalSucceeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalrkadayam
 
Dev{sec}ops
Dev{sec}opsDev{sec}ops
Dev{sec}opsSteven Carlson
 

Más contenido relacionado

La actualidad más candente

Hybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode DeployHybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode DeployClaudia Ring
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleSanjeev Sharma
 
Mastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarMastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarClaudia Ring
 
DevOps in the Hybrid Cloud
DevOps in the Hybrid CloudDevOps in the Hybrid Cloud
DevOps in the Hybrid CloudRichard Irving
 
Bluemix DevOps Meetup
Bluemix DevOps MeetupBluemix DevOps Meetup
Bluemix DevOps MeetupKyle Brown
 
Gartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid CloudGartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid CloudRosalind Radcliffe
 
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...Chris Haddad
 
DevOps Thinking for the Line of Business
DevOps Thinking for the Line of BusinessDevOps Thinking for the Line of Business
DevOps Thinking for the Line of BusinessSanjeev Sharma
 
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Michael Elder
 
Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2VMware Tanzu
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentSam Garforth
 
Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessXebiaLabs
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...Siva Rama Krishna Chunduru
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeSanjeev Sharma
 
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)VMware Tanzu
 
Accelerating Time to Market
Accelerating Time to MarketAccelerating Time to Market
Accelerating Time to MarketVMware Tanzu
 
IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017IBM DevOps
 
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)VMware Tanzu
 

La actualidad más candente (20)

Hybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode DeployHybrid Cloud DevOps with Apprenda and UrbanCode Deploy
Hybrid Cloud DevOps with Apprenda and UrbanCode Deploy
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scale
 
Mastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarMastering DevOps Automation: Webinar
Mastering DevOps Automation: Webinar
 
DevOps in the Hybrid Cloud
DevOps in the Hybrid CloudDevOps in the Hybrid Cloud
DevOps in the Hybrid Cloud
 
The Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeThe Future of DevOps and UrbanCode
The Future of DevOps and UrbanCode
 
Bluemix DevOps Meetup
Bluemix DevOps MeetupBluemix DevOps Meetup
Bluemix DevOps Meetup
 
Gartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid CloudGartner EA Architecting for DevOps and Hybrid Cloud
Gartner EA Architecting for DevOps and Hybrid Cloud
 
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
 
DevOps Thinking for the Line of Business
DevOps Thinking for the Line of BusinessDevOps Thinking for the Line of Business
DevOps Thinking for the Line of Business
 
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
 
Cloud Native Operations
Cloud Native OperationsCloud Native Operations
Cloud Native Operations
 
Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2Troubleshooting App Health and Performance with PCF Metrics 1.2
Troubleshooting App Health and Performance with PCF Metrics 1.2
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business Development
 
Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation Success
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scope
 
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
 
Accelerating Time to Market
Accelerating Time to MarketAccelerating Time to Market
Accelerating Time to Market
 
IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017IBM DevOps Workshops at IBM InterConnect 2017
IBM DevOps Workshops at IBM InterConnect 2017
 
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
 

Similar a Democratizing security

Succeeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalSucceeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalrkadayam
 
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Cisco DevNet
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowAmien Harisen Rosyandino
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Amazon Web Services
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetuppbink
 
Deploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresDeploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresSBWebinars
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSEric Smalling
 
AWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWSAWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWSEric Smalling
 
AWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAlex Rhea
 
Implementing Security on a Large Multi-Tenant Cluster the Right Way
Implementing Security on a Large Multi-Tenant Cluster the Right WayImplementing Security on a Large Multi-Tenant Cluster the Right Way
Implementing Security on a Large Multi-Tenant Cluster the Right WayDataWorks Summit
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyDerek E. Weeks
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxlior mazor
 

Similar a Democratizing security (20)

Succeeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalSucceeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps final
 
Dev{sec}ops
Dev{sec}opsDev{sec}ops
Dev{sec}ops
 
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrow
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
 
Deploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresDeploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving Infrastructures
 
DevSecOps – The Importance of DevOps Security in 2023.docx
DevSecOps – The Importance of DevOps Security in 2023.docxDevSecOps – The Importance of DevOps Security in 2023.docx
DevSecOps – The Importance of DevOps Security in 2023.docx
 
The Importance of DevOps Security in 2023.docx
The Importance of DevOps Security in 2023.docxThe Importance of DevOps Security in 2023.docx
The Importance of DevOps Security in 2023.docx
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 
AWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWSAWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWS
 
AWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container Adoption
 
Implementing Security on a Large Multi-Tenant Cluster the Right Way
Implementing Security on a Large Multi-Tenant Cluster the Right WayImplementing Security on a Large Multi-Tenant Cluster the Right Way
Implementing Security on a Large Multi-Tenant Cluster the Right Way
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps Journey
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the Enterprise
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation Guidance
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
 

Más de Sanjeev Sharma

From DevOps to DevSecOps: 2 Dimensions of Security for DevOps
From DevOps to DevSecOps: 2 Dimensions of Security for DevOpsFrom DevOps to DevSecOps: 2 Dimensions of Security for DevOps
From DevOps to DevSecOps: 2 Dimensions of Security for DevOpsSanjeev Sharma
 
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm Keynote
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm KeynoteUnicorns on an Aircraft Carrier: CDSummit London and Stockholm Keynote
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm KeynoteSanjeev Sharma
 
IBM InterConnect 2016: Security for DevOps in an Enterprise
IBM InterConnect 2016: Security for DevOps in an Enterprise IBM InterConnect 2016: Security for DevOps in an Enterprise
IBM InterConnect 2016: Security for DevOps in an Enterprise Sanjeev Sharma
 
DevOps adoption in the enterprise
DevOps adoption in the enterpriseDevOps adoption in the enterprise
DevOps adoption in the enterpriseSanjeev Sharma
 
dev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOpsdev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOpsSanjeev Sharma
 
OpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOpsOpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOpsSanjeev Sharma
 
DTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionDTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionSanjeev Sharma
 
Mobile to Mainframe - En-to-end transformation
Mobile to Mainframe - En-to-end transformationMobile to Mainframe - En-to-end transformation
Mobile to Mainframe - En-to-end transformationSanjeev Sharma
 
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit session
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit sessionDevOps and Application Delivery for Hybrid Cloud - DevOpsSummit session
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit sessionSanjeev Sharma
 
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksUsing Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksSanjeev Sharma
 
DevOps 101 - IBM Impact 2014
DevOps 101 - IBM Impact 2014 DevOps 101 - IBM Impact 2014
DevOps 101 - IBM Impact 2014 Sanjeev Sharma
 
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation CenterEnabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation CenterSanjeev Sharma
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Sanjeev Sharma
 
IBM Innovate - Uderstanding DevOps
IBM Innovate - Uderstanding DevOpsIBM Innovate - Uderstanding DevOps
IBM Innovate - Uderstanding DevOpsSanjeev Sharma
 
CampDevOps keynote - DevOps: Using 'Lean' to eliminate Bottlenecks
CampDevOps keynote - DevOps: Using 'Lean' to eliminate BottlenecksCampDevOps keynote - DevOps: Using 'Lean' to eliminate Bottlenecks
CampDevOps keynote - DevOps: Using 'Lean' to eliminate BottlenecksSanjeev Sharma
 
IBM Pulse session 2727: Continuous delivery -accelerated with DevOps
IBM Pulse session 2727: Continuous delivery -accelerated with DevOpsIBM Pulse session 2727: Continuous delivery -accelerated with DevOps
IBM Pulse session 2727: Continuous delivery -accelerated with DevOpsSanjeev Sharma
 
Mobile to mainframe - Enterprise DevOps - MoDevEast Slides
Mobile to mainframe - Enterprise DevOps - MoDevEast SlidesMobile to mainframe - Enterprise DevOps - MoDevEast Slides
Mobile to mainframe - Enterprise DevOps - MoDevEast SlidesSanjeev Sharma
 
Applying DevOps for more reliable Public Sector Software Delivery
Applying DevOps for more reliable Public Sector Software DeliveryApplying DevOps for more reliable Public Sector Software Delivery
Applying DevOps for more reliable Public Sector Software DeliverySanjeev Sharma
 
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013 (Japanese) From Continuous Integration to DevOps - Japan Innovate 2013
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013 Sanjeev Sharma
 
From Continuous Integration to DevOps - Japan Innovate 2013
From Continuous Integration to DevOps - Japan Innovate 2013From Continuous Integration to DevOps - Japan Innovate 2013
From Continuous Integration to DevOps - Japan Innovate 2013Sanjeev Sharma
 

Más de Sanjeev Sharma (20)

From DevOps to DevSecOps: 2 Dimensions of Security for DevOps
From DevOps to DevSecOps: 2 Dimensions of Security for DevOpsFrom DevOps to DevSecOps: 2 Dimensions of Security for DevOps
From DevOps to DevSecOps: 2 Dimensions of Security for DevOps
 
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm Keynote
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm KeynoteUnicorns on an Aircraft Carrier: CDSummit London and Stockholm Keynote
Unicorns on an Aircraft Carrier: CDSummit London and Stockholm Keynote
 
IBM InterConnect 2016: Security for DevOps in an Enterprise
IBM InterConnect 2016: Security for DevOps in an Enterprise IBM InterConnect 2016: Security for DevOps in an Enterprise
IBM InterConnect 2016: Security for DevOps in an Enterprise
 
DevOps adoption in the enterprise
DevOps adoption in the enterpriseDevOps adoption in the enterprise
DevOps adoption in the enterprise
 
dev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOpsdev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOps
 
OpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOpsOpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOps
 
DTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect SessionDTS-1778 Understanding DevOps - IBM InterConnect Session
DTS-1778 Understanding DevOps - IBM InterConnect Session
 
Mobile to Mainframe - En-to-end transformation
Mobile to Mainframe - En-to-end transformationMobile to Mainframe - En-to-end transformation
Mobile to Mainframe - En-to-end transformation
 
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit session
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit sessionDevOps and Application Delivery for Hybrid Cloud - DevOpsSummit session
DevOps and Application Delivery for Hybrid Cloud - DevOpsSummit session
 
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksUsing Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
 
DevOps 101 - IBM Impact 2014
DevOps 101 - IBM Impact 2014 DevOps 101 - IBM Impact 2014
DevOps 101 - IBM Impact 2014
 
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation CenterEnabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation Center
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014
 
IBM Innovate - Uderstanding DevOps
IBM Innovate - Uderstanding DevOpsIBM Innovate - Uderstanding DevOps
IBM Innovate - Uderstanding DevOps
 
CampDevOps keynote - DevOps: Using 'Lean' to eliminate Bottlenecks
CampDevOps keynote - DevOps: Using 'Lean' to eliminate BottlenecksCampDevOps keynote - DevOps: Using 'Lean' to eliminate Bottlenecks
CampDevOps keynote - DevOps: Using 'Lean' to eliminate Bottlenecks
 
IBM Pulse session 2727: Continuous delivery -accelerated with DevOps
IBM Pulse session 2727: Continuous delivery -accelerated with DevOpsIBM Pulse session 2727: Continuous delivery -accelerated with DevOps
IBM Pulse session 2727: Continuous delivery -accelerated with DevOps
 
Mobile to mainframe - Enterprise DevOps - MoDevEast Slides
Mobile to mainframe - Enterprise DevOps - MoDevEast SlidesMobile to mainframe - Enterprise DevOps - MoDevEast Slides
Mobile to mainframe - Enterprise DevOps - MoDevEast Slides
 
Applying DevOps for more reliable Public Sector Software Delivery
Applying DevOps for more reliable Public Sector Software DeliveryApplying DevOps for more reliable Public Sector Software Delivery
Applying DevOps for more reliable Public Sector Software Delivery
 
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013 (Japanese) From Continuous Integration to DevOps - Japan Innovate 2013
(Japanese) From Continuous Integration to DevOps - Japan Innovate 2013
 
From Continuous Integration to DevOps - Japan Innovate 2013
From Continuous Integration to DevOps - Japan Innovate 2013From Continuous Integration to DevOps - Japan Innovate 2013
From Continuous Integration to DevOps - Japan Innovate 2013
 

Último

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Último (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Democratizing security

  • 1. COPYRIGHT © 2020 ACCELERATED STRATEGIES GROUP, INC. ALL RIGHTS RESERVED. Democratizing Security - the next frontier for DevSecOps adoption in the Enterprise Sanjeev Sharma, Principal Analyst
  • 2. • 20+ Years experience in Software Development and Delivery, Cloud Adoption and Data Modernization • Led the Data Modernization Practice at Delphix • Driving the definition of ‘DataOps’ for Application Delivery, and AI and Machine Learning • IBM Distinguished Engineer, and IBM’s 1st CTO for DevOps Adoption owning the DevOps practice • Chair of the Architecture Review Board for IBM’s response to the DoD’s JEDI RFP • Conference Keynote speaker, Blogger, Podcaster and Vlogger • Author of two bestseller books: • DevOps For Dummies: https://ibm.biz/BdsPMX • The DevOps Adoption Playbook: http://amzn.to/2hH7rt2 All about me - Sanjeev Sharma
  • 3. 1. Evolution of Delivery Practices 2. Democratization of Application Delivery 3. Security Chaos Engineering 4. Value Stream Mapping Agenda
  • 5. SRE Agile DevOps Develop right things right Deliver with speed Deliver with Reliability Evolving Application Delivery from Agile to DevOps
  • 6. Continuous Integration Continuous Delivery Shift Left Test Shift Left Ops Culture Development SCM Build Package Repo Deploy Testing Staging Production FeedbackPlanning Manage DevOps in a Nutshell: 1. Improve the Application/System being delivered 2. Improve the platform on which it is delivered 3. Improve the processes by which it is being delivered 4. Improve the culture of the organization delivering it DevOps
  • 7. Why DevSecOps? Security concerns and challenges are growing $57M Google GDPR Fine 4700 Breaches in 2018 11 Bn Records exposed 2018 Becoming a custodian of user data is becoming a differentiator You are not our product. Our products are iPhones and iPads. We treasure your data. We wanna help you keep it private and keep it safe. - Tim Cook, CEO, Apple
  • 9. 1874 - Solid Wood 1947 - Laminated Wood 1968 – Steel Racquet 1993 – Graphite Racquet 2008 – Aerodynamic Racquet Democratization of Technology
  • 10. 1. Self-service 2. Permission to act 3. Guardrails 4. Trust Tenets of Democratizing of IT Services
  • 11. DevOps: Democratizing the Application Delivery Pipeline Democratize Infrastructure Democratize Software Delivery Democratize Data Democratize Security Application Delivery Practitioners
  • 12. Democratizing Infrastructure with Cloud Become Technology Stack Agnostic Self-service Provisioning and Configuration Infrastructure as Code (IaaC) Elastic Services for on-demand scale Role Based Access Control Democratize Infrastructure 1. Improve the platform 2. Improve the processes 3. Improve the culture
  • 13. Democratizing Software Delivery with DevSecOps Become Technology Stack Agnostic Make DevSecOps capabilities Self Service Integrated end-to-end toolchain Automated Testing and Validation Include Security in the DevSecOps toolchain Democratize Software Delivery 1. Improve the Application/System 2. Improve the processes 3. Improve the culture
  • 14. Democratizing Data Democratize Data Become Data Source Agnostic Make Data Available Self Service Manage Data Like Code Mitigate Data Privacy & Compliance Risks Include Data Management in the DevSecOps toolchain 1. Improve the Application/System 2. Improve the platform 3. Improve the processes 4. Improve the culture
  • 15. Democratizing Security Become Technology Stack Agnostic Make Security* Self Service Manage Security* Like Code Automate Mitigation of Security & Compliance Risks Include Security* in the DevOps toolchain Democratize Security * Security Implementation, Validation and Enforcement 1. Secure the Application/System 2. Secure the platform 3. Secure the processes 4. Secure the culture
  • 16. Business Initiatives: Create New Revenue Streams Improve Quality Accelerate Time to Market Comply with Regulations The Challenge : High Complexity High Cost Multiple Demands High Complexity - Multiple Technology stacks - On Premises and Cloud - Departmental Silos - Legacy, Cloud-native, SaaS applications and services - Open-source sprawl High Cost - Compliance & Governance Policies - Regulatory overhead - Audit and Compliance overhead - Cybersecurity threat preparedness Multiple Demands - Business: Innovation and Monetization - Developers: Continuous Delivery - Analytics Teams: Massive, diverse data sets - Security Teams: Lack of talent and technology expertise
  • 18. One way to make sure you can deal with a flat tire on the freeway, in the rain, in the middle of the night is to poke a hole in your tire once a week in your driveway on a Sunday afternoon and go through the drill of replacing it. Chaos Engineering
  • 19. Antifragile: Things that are neither fragile or robust, but rather thrive in chaos. Achieving Antifragility
  • 20. The Chaos is Real https://www.sophos.com/en-us/medialibrary/PDFs/Whitepaper/sophos-exposed-cyberattacks-on-cloud-honeypots-wp.pdf
  • 21. Security Chaos Engineering Security Chaos Engineering is the discipline of instrumentation, identification, and remediation of failure within security controls through proactive experimentation to build confidence in the system's ability to defend against malicious conditions in production.
  • 22. Security Chaos Engineering implementation 1. End-to-end Continuous Instrumentation 2. Continuous Readiness Assessment 3. Continuous Security Gap Analysis 4. Automation to identify, detect, and remediate security failures 5. Focus on vulnerability and failure identification 6. Continuous improvement of Operational Readiness
  • 24. Idea/Feature/Bug Fix/ Enhancement Production Development Build QA SIT UAT Prod PMO Requirements/ Analyst Developer CustomersLine of Business Build Engineer QA Team Integration Tester User/Tester Operations Artifact Repository Deployment Engineer Release Management Code Repository Deploy Get Feedback Infrastructure as Code/ Cloud Patterns Feedback Customer or Customer Surrogate Data Tasks Artifacts Value Stream Mapping to Identify: • Waste • Wait-States • Rework Value Stream Mapping to Develop an Adoption Roadmap
  • 25. • Review the current state o Business goals, IT goals, current initiatives o Requirements o Environments o Repositories o Data Sources/Architecture o Roles / Organization o Metrics o Other • Prioritize Waste, Wait states and Rework • Create a first pass at a roadmap to address inefficiencies Next Step: DevOps Value Stream Mapping Workshop
  • 27. KNOWLEDGE WANTS TO BE FREE COPYRIGHT © 2020 ACCELERATED STRATEGIES GROUP, INC. ALL RIGHTS RESERVED