Devopsdays 2020: securing your devops transformation - April Edwards

Tags: devopsdays

(One of my summaries of a talk at the 2020 online devopsdays Amsterdam conference).

She quotes Gartner: “95% of cloud breaches occur due to human errors such as configuration mistakes”. Passwords in repositories, for instance.

A common problem is deadlines. It is easy to cut back a bit on security to meet a business deadline or objective…. Manual processes and culture also hinders security innovation. Interference from management. Fear of failure. Lack of learning.

Devops: people, process, products. Five main things to pay attention to:

  • Enable secure development. What tools do you use?

  • Secure your development devices and development environment.

  • Make sure your source code control is secure.

  • CI/CD tooling and all the other automatic checks you can do.

  • Good alerting and monitoring.

 
vanrees.org logo

About me

My name is Reinout van Rees and I work a lot with Python (programming language) and Django (website framework). I live in The Netherlands and I'm happily married to Annie van Rees-Kooiman.

Weblog feeds

Most of my website content is in my weblog. You can keep up to date by subscribing to the automatic feeds (for instance with Google reader):