How DevOps Becomes DevOpsSec - Chris Raethke, Bugcrowd Webinar

How DevOps Becomes DevOpsSec - Chris Raethke, Bugcrowd Webinar

Bugcrowd via YouTube Direct link

500 devs != 5 security engs

14 of 23

14 of 23

500 devs != 5 security engs

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

How DevOps Becomes DevOpsSec - Chris Raethke, Bugcrowd Webinar

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 bugcrowd
  3. 3 why are we here?
  4. 4 Fast forward to 2015 CLOUD / SAAS MOBILE / BYOD
  5. 5 Move security as close as possible to the code and the data
  6. 6 DevOps as a double edged sword
  7. 7 DevOps rapid changes moar bugs/vulns faster
  8. 8 start simple, take small steps easy wins
  9. 9 developers have to care about their code
  10. 10 Code is the team's baby At least Peer Code Reviews
  11. 11 code style/quality reviews
  12. 12 everyone has to care about process
  13. 13 Decreasing friction between Dev and Sec
  14. 14 500 devs != 5 security engs
  15. 15 protect sales/marketing and admin staff from phishing
  16. 16 because.. people are the new automation
  17. 17 Lotsa bugs, best dev training
  18. 18 which types of issues, in which parts, of which applications
  19. 19 Accelerate Security ROI
  20. 20 reproduceable & testable production server configurations
  21. 21 deliberate small "simulated" fires
  22. 22 The best indicator of the next bug is the last bug.
  23. 23 + Small steps mean easy wins * Developers have to care about code * Security is a process, not a product Don't wait for a fire to hire fire fighters * Crowd sourcing can augment your team

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.