Securing Cloud DevOps—You Can Run, But You Can’t Hide Security

Recorded June 4, 2020 | On Demand


Modern application development has given rise to microservices and serverless architectures that leverage agile DevOps processes. Deployment speeds have now increased to levels previously unfathomable and developers can now take ownership of the process. But what about security?

Watch Trend Micro and Snyk as we discuss how dealing with both dependencies and configurations change the security aspect for developers and security groups while the industry is moving up the stack. You will learn best practices for:

  • Security issues of libraries/OS distributions in cloud and source-code repositories
  • Protection at runtimes—is there a difference between applications and containers?
  • Security considerations for microservices, IaC, and SaaS
  • Vulnerability issues for IaaS, PaaS, and FaaS

#

Meet the Presenters

Alyssa Miller

Application Security Advocate
Snyk

Alyssa Miller is a hacker, security advocate, researcher, author, and public speaker with almost 15 years of experience as a professional in the security community. She has always had a passion for deconstructing technology, particularly since buying her first computer at the age of 12, teaching herself BASIC programming. In her career, Alyssa has performed all forms of security assessments, but given her developer background, she has a dedication to application security. She specializes in working with development and security leaders to design and deploy effective security programs that strengthen enterprises’ security strategy. Alyssa is also committed to advocating for security practices. Not only does she speak internationally at various industry, vendor, and corporate events, Alyssa also engages in the community through her online content, media appearances, and security community activism. Her journey through security was recently featured in an article by Cybercrime Magazine. She’s also been recognized in Peerlyst’s e-Book “50 Influential Penetration Testers”. Alyssa is a board member for Women of Security (WoSEC) and an advisory board member for Blue Team Con. Additionally, she has participated on multiple panels discussing solutions to reduce the diversity gap in security and focuses much of her efforts on helping others build careers in security. Currently, Alyssa is an Application Security Advocate for Snyk, where she directs her efforts into improving security practices across the DevSecOps paradigm.

Chuck Losh

Sales Engineer
Trend Micro

Chuck Losh is a cloud technology enthusiast, researcher, tinkerer, and like any other engineer, always striving to find a better solution to a problem and help others.  He has worked 20+ years in information technology in various roles, such as a developer/programmer, infrastructure, operations related roles, as well as a cloud engineer. Chuck has many credentials in cloud technologies, including his Microsoft MCT, Azure DevOps, Azure Solutions Architect, and AWS Solutions Architect. He currently works at Trend Micro as an SE, teaching and helping customers implement security software, and best practices to protect their business. In his spare time, he enjoys spending time with his family and playing hockey with his son.

Headshot_Greg-Young_200x200.jpg

Greg Young

Vice President for Cybersecurity
Trend Micro

Greg has over 30 years in cybersecurity experience, specializing in securing networks, architectures, and data. Greg is keen on sharing the reality of security in larger organizations, and how business can be done securely in those environments. As a Research Vice President with Gartner for 13 years, Greg advised thousands of companies and governments on how to better secure themselves, as well as evaluated and advised hundreds of security vendors. At Gartner he led research for network security, threat trends, data center security, cloud netsec, and microsegmentation, authoring over 20 Gartner Magic Quadrants. Greg was CISO for the Department of Communications and Chief Security Architect for a security product company. He was a commissioned officer in the military police and counter-intelligence branch working as a Certifier/Accreditor at the national authority. Greg too often mentions he was an extra in two episodes of Airwolf. Chat with Greg on Twitter via @OrangeKlaxon and on LinkedIn

Section 1 - Column 4. Praesent non velit ut libero condimentum pulvinar sed vitae tellus.
Vestibulum id tristique elit. Suspendisse posuere rutrum sodales. Nam id elit ac sem iaculis lacinia posuere vitae metus.