Modern Security Operations aka Secure DevOps

Name: Modern Security Operations aka Secure DevOps
Start: 2017-10-24T00:00:00Z
Location: Live, Online

Abstract

We will discuss the what, why and the how of running modern security operations. We will take a look at the pain points in a DevOps life cycle and see the benefits of pragmatic security solutions. Attendees will get an idea about where and how to start devsecops for secure devops pipeline.

This talk is focused on the what, why and the how of running security operations in the modern world. The way attacks are changing and developers are moving ahead with the next generation technologies is blazingly fast. However, traditional operations still exist. It then becomes imperative to make changes in the way security operations should run to defend against attackers and work with developers and modern businesses. In this talk, we will see what are the real world problems faced by organisations, how we can rapidly adapt to changes by modifying the culture and methodologies while relying on processes, tools and techniques.

Date

Tuesday, 24 Oct 2017 00:00 UTC

Event

All Day DevOps 2017

Location

Live, Online

Slides

Slides from my talk at @AllDayDevOps about Modern Security Operations aka Secure DevOpshttps://t.co/ZiPWQyNCNT #DevSecOps #AllDayDevOps
— Madhu Akula (@madhuakula) October 25, 2017

Madhu Akula

Never Ending Learner!

Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, OWASP, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26, 27, 28, 29, 30), BlackHat (2018, 19, 21, 22 & 23), USENIX LISA (2018, 19 & 21), SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018, 19, 22), All Day DevOps (2016, 17, 18, 19, 20, 21 & 22), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18 & 20), Nullcon (2018, 19, 21 & 22), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.