When DevOps Meets Security

When DevOps Meets Security

GOTO Conferences via YouTube Direct link

Government Digital Service

2 of 39

2 of 39

Government Digital Service

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

When DevOps Meets Security

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 Government Digital Service
  3. 3 The state of information security in 2015
  4. 4 Approval to operate
  5. 5 Accreditation
  6. 6 Certification
  7. 7 Traditional model
  8. 8 Agile changes everything
  9. 9 Focus on flow and cycle time
  10. 10 A security nightmare!
  11. 11 A brave new world for security
  12. 12 Security needs to be an enabler
  13. 13 Biggest consistent finding?
  14. 14 Principles over rules
  15. 15 The UK Government published 8 principles
  16. 16 Accept uncertainty
  17. 17 Security as part of the team
  18. 18 Understand the risks
  19. 19 Trust decision making
  20. 20 Security is part of everything
  21. 21 User experience is important
  22. 22 Audit decisions
  23. 23 Understand big picture impact
  24. 24 Choose security model that's appropriate
  25. 25 Understand the threats
  26. 26 Educate decision makers to risks
  27. 27 Make risk decisions, per story, in the team
  28. 28 What do you do about it?
  29. 29 Transfer
  30. 30 Mitigate
  31. 31 Deter, Detect, Prevent
  32. 32 Reactive countermeasures
  33. 33 Correct, Respond, Recover
  34. 34 Traditional security people understand this
  35. 35 Misuse cases
  36. 36 Attack trees
  37. 37 Red teams
  38. 38 Automated penetration testing
  39. 39 Automated Integrated Repeatable

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.