Wednesday, August 14 • 11:30am - 12:15pm
DevSecOps - Balancing Agility, Stability and Security in a Continuous Software Business *SLIDES AVAILABLE

Log in to save this to your schedule and see who's attending!

Go faster. Be more reliable. Keep it secure. The rise of continuous delivery and infrastructure as code has increased the rate at which developers are able (and sometimes willing) to deploy software and infrastructure from development to production. This often occurs without the classic oversight and protection that formal InfoSec and operations teams bring when they gate all deployments and modifications to infrastructure. Central ops," "you build it you run it," "no ops," "shared ops," and "embedded ops" are all team structures used to manage the software delivery process. However, they all have trade-offs that impact delivery speed, reliability and security. * Dev - "Ops are blocking us!" * Ops - "We own that environment!" * InfoSec - "Lock. It. Down." In this talk, we discuss practical ways to manage security, performance and delegation of capability to engineering teams in fast moving continuous delivery environments. We will also discuss the technical approaches we've taken, the challenges of SOC 2 compliance vs. DevOps and the real-world implementation of platforms/tools such as Terraform, AWS GuardDuty, Kubernetes, Vault, DataDog and others."

avatar for Ben Walding

Ben Walding

Director of Engineering Operations, CloudBees
Ben Walding is best known for his role in OSS hosting as a “Codehaus Despot.”Ben’s exposure to Jenkins became professional when he joined CloudBees in 2011, as he integrated the Codehaus services into CloudBees’ Jenkins as a Service (DEV@cloud) platform.Ben now manages CloudBees... Read More →

Wednesday August 14, 2019 11:30am - 12:15pm
Room 2002