SlideShare uma empresa Scribd logo

Continuous Security

Equal Experts
Equal Experts

Talk given by Phil Parker (Partner at Equal Experts) at ExpertTalks Berlin, 14th June 2018. Running a build server does not mean you are *doing* Continuous Delivery. An OWASP Top 10 poster on the wall does not mean you are *doing* Information Security. This talk explores what the real important factors of Continuous Delivery are, does the same for Information Security and then focusses in on how the two intersect and interact. Developers, testers, ops (and anyone else working on tech teams) will learn why Continuous Delivery is actually MORE secure than the alternatives.

Software
1 de 40
Baixar para ler offline
CONTINUOUS SECURITY
CONTINUOUS DELIVERY INFORMATION SECURITY 1 2 3 CONTINUOUS SECURITY
@parker0phil Continuous Delivery 1
Continuous DeliveryContinuous Delivery “a ready feature can be put in front of real customers at little notice, with no panic”
Continuous DeliveryContinuous Delivery * “When speed and stability satisfy business demand.” * See also: Discontinuous Delivery
Continuous Delivery “speed and stability” Shorter Cycle Time Smaller Batch Size “a ready feature… no panic”
Batch Size Quantity (and complexity) of a single unit of production deployment.
✗ ✓ @parker0phil (Smaller) Batch Size
Cycle Time Wait time between an idea (hypotheses) of a piece of value and that value being in production, used by a real customer.
@parker0phil (Shorter) Cycle Time ✗ ✓
How do we get Continuous Delivery? a close, collaborative working relationship between everyone involved in delivery extensive automation of all possible parts of the delivery process
@parker0phil 2 Information Security
(Information) Security “defence of computers and servers, mobile devices, electronic systems, networks and data from malicious attacks” “preventing unauthorized access to computers, networks and data” “protection of systems, networks and data in cyberspace”
“You can't defend. You can't prevent. The only thing you can do is detect and respond.” - Bruce Schneier
Information Security Managing the risk of unauthorised impacts to the confidentiality, integrity or availability of systems and data.
Information Security Protecting Users
CVSS Exploitability Impact
Security Development Lifecycle Spoofing Identity Information Disclosure Elevation of Privilege Repudiation S T R I D E Tampering with Data Denial of Service
@parker0phil Continuous Delivery is Secure 3
@parker0phil Continuous Delivery IS MORE Secure! 3
Smaller Batch Size
1 Isolation of Cause and Effect 15
Shorter Cycle Time
Mean Time to Detect (MTTD) Mean Time to Resolve (MTTR) RELEASE FIND Vulnerability FIX Vulnerability Attack Window Mean Time to Detect (MTTD) Mean Time to Exploit (MTTE)
extensive automation of all possible parts of the delivery process How do we get Continuous Delivery?
“… we move too fast for there to be time for reviews by the security team beforehand. That needs automation, and it needs to be integrated into your process. Each and every piece should get security integrated into it … before and after being deployed.” - Werner Vogels
Dependency Checking
Dependency Checking Static Analysis Security Tests (Checks) Scanning
Dependency Checking Static Analysis Security Tests (Checks) Scanning
a close, collaborative working relationship between everyone involved in delivery extensive automation of all possible parts of the delivery process How do we get Continuous Delivery?
“Security is everyone’s job now, not just the security team’s. With continuous integration and continuous deployment, all developers have to be security engineers, we move too fast for there to be time for reviews by the security team beforehand. ...” - Werner Vogels
EE Secure Delivery Playbook Principles Security should be: 1. Collaborative 2. Continuous 3. Contextual
CONTINUOUS SECURITY THANK YOU!

Recomendados

Building Trustworthy Containers
Building Trustworthy ContainersBuilding Trustworthy Containers
Building Trustworthy ContainersSysdig
 
Automated Security Hardening with OpenStack-Ansible
Automated Security Hardening with OpenStack-AnsibleAutomated Security Hardening with OpenStack-Ansible
Automated Security Hardening with OpenStack-AnsibleMajor Hayden
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Patterns for Secure Containerized Applications (Docker)
Patterns for Secure Containerized Applications (Docker)Patterns for Secure Containerized Applications (Docker)
Patterns for Secure Containerized Applications (Docker)Erica Windisch
 
Tapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered SecurityTapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered SecurityHackerOne
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalNull Singapore
 
Real security in a virtual environment - Infosecurity 2011
Real security in a virtual environment - Infosecurity 2011Real security in a virtual environment - Infosecurity 2011
Real security in a virtual environment - Infosecurity 2011David Geens
 
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...Elasticsearch
 

Recomendados

Building Trustworthy Containers
Building Trustworthy ContainersBuilding Trustworthy Containers
Building Trustworthy ContainersSysdig
 
Automated Security Hardening with OpenStack-Ansible
Automated Security Hardening with OpenStack-AnsibleAutomated Security Hardening with OpenStack-Ansible
Automated Security Hardening with OpenStack-AnsibleMajor Hayden
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Patterns for Secure Containerized Applications (Docker)
Patterns for Secure Containerized Applications (Docker)Patterns for Secure Containerized Applications (Docker)
Patterns for Secure Containerized Applications (Docker)Erica Windisch
 
Tapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered SecurityTapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered SecurityHackerOne
 
Become a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalBecome a Threat Hunter by Hamza Beghal
Become a Threat Hunter by Hamza BeghalNull Singapore
 
Real security in a virtual environment - Infosecurity 2011
Real security in a virtual environment - Infosecurity 2011Real security in a virtual environment - Infosecurity 2011
Real security in a virtual environment - Infosecurity 2011David Geens
 
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...
Opérez vos processus avec l'alerting, les tableaux de bord personnalisés et l...Elasticsearch
 
Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?Anton Chuvakin
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and SecurityStijn Muylle
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4Rodrigo Piovesana
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESIJNSA Journal
 
Security Patterns - An Introduction
Security Patterns - An IntroductionSecurity Patterns - An Introduction
Security Patterns - An IntroductionMarcel Winandy
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
IDS Research
IDS ResearchIDS Research
IDS ResearchYehan Gunaratne
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiStonesoft
 
Risks vs real life
Risks vs real lifeRisks vs real life
Risks vs real lifeMona Arkhipova
 
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentInfocyte
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
 
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...Seungjoo Kim
 
Safety versus security
Safety versus securitySafety versus security
Safety versus securityStephane Potier
 
In what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docxIn what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docxjaggernaoma
 
Meeting 15. network security
Meeting 15. network securityMeeting 15. network security
Meeting 15. network securitySyaiful Ahdan
 
TRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptxTRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptxEqual Experts
 
Will it matter if your child cannot code?
Will it matter if your child cannot code?Will it matter if your child cannot code?
Will it matter if your child cannot code?Equal Experts
 

Mais conteúdo relacionado

Semelhante a Continuous Security

Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?Anton Chuvakin
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and SecurityStijn Muylle
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4Rodrigo Piovesana
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESIJNSA Journal
 
Security Patterns - An Introduction
Security Patterns - An IntroductionSecurity Patterns - An Introduction
Security Patterns - An IntroductionMarcel Winandy
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiStonesoft
 
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentInfocyte
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
 
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...Seungjoo Kim
 
In what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docxIn what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docxjaggernaoma
 
Meeting 15. network security
Meeting 15. network securityMeeting 15. network security
Meeting 15. network securitySyaiful Ahdan
 

Semelhante a Continuous Security (20)

Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?Real-time fallacy: how real-time your security really is?
Real-time fallacy: how real-time your security really is?
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and Security
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
 
Security Patterns - An Introduction
Security Patterns - An IntroductionSecurity Patterns - An Introduction
Security Patterns - An Introduction
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
IDS Research
IDS ResearchIDS Research
IDS Research
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
 
Risks vs real life
Risks vs real lifeRisks vs real life
Risks vs real life
 
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
 
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT Cybersecurity
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEs
 
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
Using the CGC's Fully Automated Vulnerability Detection Tools in Security Eva...
 
Safety versus security
Safety versus securitySafety versus security
Safety versus security
 
In what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docxIn what ways do you think the Elaboration Likelihood Model applies.docx
In what ways do you think the Elaboration Likelihood Model applies.docx
 
Meeting 15. network security
Meeting 15. network securityMeeting 15. network security
Meeting 15. network security
 

Mais de Equal Experts

TRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptxTRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptxEqual Experts
 
Will it matter if your child cannot code?
Will it matter if your child cannot code?Will it matter if your child cannot code?
Will it matter if your child cannot code?Equal Experts
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterPlatform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterEqual Experts
 
Software development practices & Infrastructure as Code - how well do they wo...
Software development practices & Infrastructure as Code - how well do they wo...Software development practices & Infrastructure as Code - how well do they wo...
Software development practices & Infrastructure as Code - how well do they wo...Equal Experts
 
A Whole Team Approach to Quality in Continuous Delivery - Lisa Crispin
A Whole Team Approach to Quality in Continuous Delivery - Lisa CrispinA Whole Team Approach to Quality in Continuous Delivery - Lisa Crispin
A Whole Team Approach to Quality in Continuous Delivery - Lisa CrispinEqual Experts
 
Secure Continuous Delivery
Secure Continuous DeliverySecure Continuous Delivery
Secure Continuous DeliveryEqual Experts
 
Smoothing the continuous delivery path a tale of two architectures - expert...
Smoothing the continuous delivery path a tale of two architectures - expert...Smoothing the continuous delivery path a tale of two architectures - expert...
Smoothing the continuous delivery path a tale of two architectures - expert...Equal Experts
 
Embracing collaborative chaos (April 2020) by Lyndsay Prewer
Embracing collaborative chaos (April 2020) by Lyndsay PrewerEmbracing collaborative chaos (April 2020) by Lyndsay Prewer
Embracing collaborative chaos (April 2020) by Lyndsay PrewerEqual Experts
 
Design Systems: Designing out Waste, Designing in Consistency
Design Systems: Designing out Waste, Designing in ConsistencyDesign Systems: Designing out Waste, Designing in Consistency
Design Systems: Designing out Waste, Designing in ConsistencyEqual Experts
 
Growing Together - software development in the Developing world
Growing Together - software development in the Developing worldGrowing Together - software development in the Developing world
Growing Together - software development in the Developing worldEqual Experts
 
Infrastructure - a journey from datacentres to cloud
Infrastructure - a journey from datacentres to cloudInfrastructure - a journey from datacentres to cloud
Infrastructure - a journey from datacentres to cloudEqual Experts
 
Data Science In Action: Prenatal Screening for Down Syndrome
Data Science In Action: Prenatal Screening for Down SyndromeData Science In Action: Prenatal Screening for Down Syndrome
Data Science In Action: Prenatal Screening for Down SyndromeEqual Experts
 
The essentials of the IT industry or What I wish I was taught about at Univer...
The essentials of the IT industry or What I wish I was taught about at Univer...The essentials of the IT industry or What I wish I was taught about at Univer...
The essentials of the IT industry or What I wish I was taught about at Univer...Equal Experts
 
Secrets of an agile transformation
Secrets of an agile transformationSecrets of an agile transformation
Secrets of an agile transformationEqual Experts
 
Obstacles of Digital Transformation Evolution
Obstacles of Digital Transformation EvolutionObstacles of Digital Transformation Evolution
Obstacles of Digital Transformation EvolutionEqual Experts
 
Avoiding the security brick
Avoiding the security brickAvoiding the security brick
Avoiding the security brickEqual Experts
 
Embracing collaborative chaos
Embracing collaborative chaosEmbracing collaborative chaos
Embracing collaborative chaosEqual Experts
 
Organising for Continuous Delivery
Organising for Continuous DeliveryOrganising for Continuous Delivery
Organising for Continuous DeliveryEqual Experts
 
Cracking passwords via common topologies
Cracking passwords via common topologiesCracking passwords via common topologies
Cracking passwords via common topologiesEqual Experts
 
Inception Phases - Handling Complexity
Inception Phases - Handling ComplexityInception Phases - Handling Complexity
Inception Phases - Handling ComplexityEqual Experts
 

Mais de Equal Experts (20)

TRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptxTRUST Framework Talk 2023-03-10.pptx
TRUST Framework Talk 2023-03-10.pptx
 
Will it matter if your child cannot code?
Will it matter if your child cannot code?Will it matter if your child cannot code?
Will it matter if your child cannot code?
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterPlatform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building Better
 
Software development practices & Infrastructure as Code - how well do they wo...
Software development practices & Infrastructure as Code - how well do they wo...Software development practices & Infrastructure as Code - how well do they wo...
Software development practices & Infrastructure as Code - how well do they wo...
 
A Whole Team Approach to Quality in Continuous Delivery - Lisa Crispin
A Whole Team Approach to Quality in Continuous Delivery - Lisa CrispinA Whole Team Approach to Quality in Continuous Delivery - Lisa Crispin
A Whole Team Approach to Quality in Continuous Delivery - Lisa Crispin
 
Secure Continuous Delivery
Secure Continuous DeliverySecure Continuous Delivery
Secure Continuous Delivery
 
Smoothing the continuous delivery path a tale of two architectures - expert...
Smoothing the continuous delivery path a tale of two architectures - expert...Smoothing the continuous delivery path a tale of two architectures - expert...
Smoothing the continuous delivery path a tale of two architectures - expert...
 
Embracing collaborative chaos (April 2020) by Lyndsay Prewer
Embracing collaborative chaos (April 2020) by Lyndsay PrewerEmbracing collaborative chaos (April 2020) by Lyndsay Prewer
Embracing collaborative chaos (April 2020) by Lyndsay Prewer
 
Design Systems: Designing out Waste, Designing in Consistency
Design Systems: Designing out Waste, Designing in ConsistencyDesign Systems: Designing out Waste, Designing in Consistency
Design Systems: Designing out Waste, Designing in Consistency
 
Growing Together - software development in the Developing world
Growing Together - software development in the Developing worldGrowing Together - software development in the Developing world
Growing Together - software development in the Developing world
 
Infrastructure - a journey from datacentres to cloud
Infrastructure - a journey from datacentres to cloudInfrastructure - a journey from datacentres to cloud
Infrastructure - a journey from datacentres to cloud
 
Data Science In Action: Prenatal Screening for Down Syndrome
Data Science In Action: Prenatal Screening for Down SyndromeData Science In Action: Prenatal Screening for Down Syndrome
Data Science In Action: Prenatal Screening for Down Syndrome
 
The essentials of the IT industry or What I wish I was taught about at Univer...
The essentials of the IT industry or What I wish I was taught about at Univer...The essentials of the IT industry or What I wish I was taught about at Univer...
The essentials of the IT industry or What I wish I was taught about at Univer...
 
Secrets of an agile transformation
Secrets of an agile transformationSecrets of an agile transformation
Secrets of an agile transformation
 
Obstacles of Digital Transformation Evolution
Obstacles of Digital Transformation EvolutionObstacles of Digital Transformation Evolution
Obstacles of Digital Transformation Evolution
 
Avoiding the security brick
Avoiding the security brickAvoiding the security brick
Avoiding the security brick
 
Embracing collaborative chaos
Embracing collaborative chaosEmbracing collaborative chaos
Embracing collaborative chaos
 
Organising for Continuous Delivery
Organising for Continuous DeliveryOrganising for Continuous Delivery
Organising for Continuous Delivery
 
Cracking passwords via common topologies
Cracking passwords via common topologiesCracking passwords via common topologies
Cracking passwords via common topologies
 
Inception Phases - Handling Complexity
Inception Phases - Handling ComplexityInception Phases - Handling Complexity
Inception Phases - Handling Complexity
 

Último

How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...software pro Development
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...kalichargn70th171
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfproinshot.com
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024Mind IT Systems
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 

Último (20)

How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 

Continuous Security