Securing Without Slowing - DefCamp - 2017

Explore a comprehensive conference talk from DefCamp 2017 focused on integrating security practices into DevOps without compromising speed. Dive into key concepts such as Rugged DevOps, pipeline defects, and vulnerability visibility. Learn about effective strategies including design reviews, static analysis, and test automation. Discover how to implement feedback loops, internal wikis, and code rugged gates to enhance security measures. Examine the importance of cloud infrastructure security, vendor risk management, and maturity models. Gain insights on balancing security with DevOps practices and positioning security as a product within organizations.

Intro
Security as a metaphor
DevOps as a metaphor
Rugged DevOps
Pipeline
Defects
Cascade of Effects
Design Review
Static Analysis
Time to Run
Heartbleed
Vulnerability Visibility
Software Composition
Feedback Loops
Internal Wiki
Test Automation
Code Rugged
Gate
Pipeline Protection
Vulnerability Management
The Age of Ultron
Automation
DevOps and Security
Chief Learning Officers
Cloud Infrastructure
Cloud Apps
Security of the Day
Vendor Risk Management
Standards and Practices
Maturity Models
Visibility Internet Checklist
Billing
Security vs DevOps
Security as a Product