DevOps & Security

   James Turnbull
    Puppet Labs



     DEVOPSDAYS AUSTIN 2012
Who me?
•   Puppet Labs employee
•   Security boffin
•   Open source fan
•   Author
•   Australian
•   Expletives



More introductions


Does anyone here work in Security?




Three things I hated about Security


1. Not being liked
2. Not being effective
3. Not being happy




Meme theft…




What IT think Security do




What the business think Security do




What Security people think they do




What Security Isn’t




What Security Is (or Should Be)
•   Partnership not conflict
•   Servicing and Protecting all customers
•   Allowing increased risk appetite
•   Enabling the business to do business




The Intersection




Security people are people too




Security people are people too
•   Developer People
•   Ops People
•   DBA People
•   Network People
•   Storage People




DevOps & Security


You should care about security too!




DevOps & Security


  Evolution is mutual




Getting Security to Listen




 It’s all about the culture
Getting Security to Listen



Destroy the blame culture




Getting Security to Listen



 Speak the same language




Getting Security to Listen
"Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization."
- CISA
Getting Security to Listen



Let the business do business with the right controls



Talking Controls
• Provisioning & Deployment: Efficiency
• Configuration Management: Inconsistency is
  the enemy of security
• Incident Management: Information is King
• Audit: Magic away auditors




Ideas for Collaboration




DevOps & Security
• Get roles and responsibilities right
• Security people are (skilled) people too
• Risk Register diving




Dev & Security
• Put Security people into Dev
• Gather security requirements early
• Designed for security == Deployed sanely &
  securely




Ops & Security
• Embed Security into Ops escalation
• Invite Security to post-mortems
• Expose Security to your metrics & data




Thanks


     James Turnbull
james@puppetlabs.com
        @kartar
 http://www.kartar.net



Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Security Loves DevOps: DevOpsDays Austin 2012

  • 1. DevOps & Security James Turnbull Puppet Labs DEVOPSDAYS AUSTIN 2012
  • 2. Who me? • Puppet Labs employee • Security boffin • Open source fan • Author • Australian • Expletives
  • 3. More introductions Does anyone here work in Security?
  • 4. Three things I hated about Security 1. Not being liked 2. Not being effective 3. Not being happy
  • 5. Meme theft…
  • 6. What IT think Security do
  • 7. What the business think Security do
  • 8. What Security people think they do
  • 9. What Security Isn’t
  • 10. What Security Is (or Should Be) • Partnership not conflict • Servicing and Protecting all customers • Allowing increased risk appetite • Enabling the business to do business
  • 11. The Intersection
  • 12. Security people are people too
  • 13. Security people are people too • Developer People • Ops People • DBA People • Network People • Storage People
  • 14. DevOps & Security You should care about security too!
  • 15. DevOps & Security Evolution is mutual
  • 16. Getting Security to Listen It’s all about the culture
  • 17. Getting Security to Listen Destroy the blame culture
  • 18. Getting Security to Listen Speak the same language
  • 19. Getting Security to Listen "Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization." - CISA
  • 20. Getting Security to Listen Let the business do business with the right controls
  • 21. Talking Controls • Provisioning & Deployment: Efficiency • Configuration Management: Inconsistency is the enemy of security • Incident Management: Information is King • Audit: Magic away auditors
  • 22. Ideas for Collaboration
  • 23. DevOps & Security • Get roles and responsibilities right • Security people are (skilled) people too • Risk Register diving
  • 24. Dev & Security • Put Security people into Dev • Gather security requirements early • Designed for security == Deployed sanely & securely
  • 25. Ops & Security • Embed Security into Ops escalation • Invite Security to post-mortems • Expose Security to your metrics & data
  • 26. Thanks James Turnbull james@puppetlabs.com @kartar http://www.kartar.net

Editor's Notes

  1. ----- Meeting Notes (4/1/12 15:14) -----
     1. Firewall rules faster
     2. Three things:
        - Information: What's vuln
        - Remediation: Fix it once and fast.
        - Consistency - things stay fixed