Continuous security monitoring in CI and CD pipelines

Abstract

Developers and Operations teams (DevOps) have moved towards containers and modern technologies. Monitoring and defending against attacks can prove to nightmare. The world is advancing towards accelerated deployments using DevOps and cloud native technologies. In this talk we will see how to monitor for security events using open source solutions to build an actionable monitoring system. We can apply this solutions to individual container run times like Docker or monitoring at cluster level like Kubernetes.

Date
Location
WeWork 41 Corsham, St 41 Corsham Street, London
Avatar
Madhu Akula
Never Ending Learner!

Madhu Akula is a security ninja, published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, etc). Hold industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA 2018, O’Reilly Velocity EU 2019, Appsec EU 2018, All Day DevOps (2016, 17, 18 & 19), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.

Next
Previous