The Role of DevOps in Application Security
Rob Whiteley (Chief Marketing Officer, NGINX)
Location: Grand Ballroom G
Date: Wednesday, May 2
Time: 2:00pm - 2:50pm
Pass Type: All Access, Conference
Format: Conference Session
Conference Journey: Software Developer/Engineer
Vault Recording: TBD
Audience Level: Intermediate
DevOps teams today are challenged with outplaying hackers, whose tools and practices have grown increasingly sophisticated. However, some of the most common problems in secure application development and deployment often stem from uncertainty about dev and ops responsibilities. Under pressure to build and deploy software quickly, it's easy for one side to think the other has completed the necessary security tasks.
In his session, Rob Whiteley, Chief Marketing Officer for NGINX will discuss the the differing responsibilities of dev and ops teams that need to be clearly defined to ensure alignment on security.
Rob, will discuss the role of the developers, which include:
- following good application security practices when architecting applications.
- following good principles, like minimum privilege and minimum data.
The operations team must:
- take responsibility for standards, like authentication or encryption or certificates.
- build an environment that is robust and reliable -- one that allows them to identify security issues and respond to those quickly.
Building security into the architecture for an organization's application is the most important part of secure development and deployment, and by making sure dev and ops are on the same page is the first step in this process.