DevOps and Security: The Facts, The Myths, The Legend
David Mortman at AppSec USA 2014
DevOps (despite it's increasing popularity amongst both startups and now enterprises as well) still has a bad image with large chunks of the security community. While there are some challenges it brings, this negative reputation is largely undeserved and due to several critical myths around how DevOps breaks security or leaves security out of the equation. DevOps, when done right (and that is a key distinction) actually improves security of your applications. This is due to some very interesting, though initially counter-intuitive features of DevOps. We'll dismantle these myths, replace them with facts and perhaps generate a few legends of our own.
Speaker
David Mortman
Chief Security Architect and Distinguished Engineer, Dell
David Mortman is the Chief Security Architect and a Distinguished Engineer at Dell Enstratius and has been doing Information Security for well over 15 years. Additionally he is a Contributing Analyst at Securosis. Most recently, he was the Director of Security and Operations at C3. Previously, David was the CISO at Siebel Systems and the Manager of Global Security at Network Associates.
Speaker
David Mortman
Chief Security Architect and Distinguished Engineer, Dell
David Mortman is the Chief Security Architect and a Distinguished Engineer at Dell Enstratius and has been doing Information Security for well over 15 years. Additionally he is a Contributing Analyst at Securosis. Most recently, he was the Director of Security and Operations at C3. Previously, David was the CISO at Siebel Systems and the Manager of Global Security at Network Associates.