Wednesday, May 11, 2022

Can Cybersecurity and DevOps Collaborate to Achieve DevSecOps in a Cloud-Native World?
Join on Hopin
Mike Fraser
Mike Fraser
Sophos, VP of DevSecOps

DevSecOps is an inclusive term yet most security teams argue they remain left out of the effort to automate deployment processes. While DevOps teams and their tools are progressing along the automation curve, security teams are left to manual hand-offs from DevOps. As a result, DevOps and security teams struggle to collaborate as their organizations modernize and adopt cloud-native technologies.
Using the resources we already possess, is it possible for cybersecurity to gather speed and collaborate with DevOps? In this session, I will cover the current automation challenges faced by cybersecurity, namely a lack in collaborative when it comes to automation with DevOps. I will show how security tools can be used in DevSecOps pipelines to automate routine security tasks including: adding infrastructure-as-code security scanning before deploying Kubernetes clusters, scanning Kubernetes deployed on cloud infrastructure against the CIS K8s benchmark , and even performing remediation with Kubernetes in real-world DevSecvOps pipelines.
Cybersecurity is a growing field but the gap between DevOps and cybersecurity is widening. The faster we make DevSecOps a reality, the quicker we can enable cybersecurity teams to truly contribute in a collaborative approach with DevOps with cloud-native technologies.