Gauntlet Kickoff at Austin OWASP Hackathon

More from James Wickett

DevOps and the subsequent move to bring security in under the umbrella of DevSecOps has created a new ethos for Security. This is good. But, when things go wrong–and we know they will–are we going to be successful with the DevSecOps model, or will we be left searching yet again? In an attempt to answer this question, we will look back in time over 120 years to unveil a tale that touches on business, engineering, and resilience. We will see how engineering decisions affect the lives of those around us, and even though the world has radically changed over the last century, we are still facing many of the same root challenges. Along the way, we will highlight the high-performing DevSecOps teams of today and introduce a framework for approaching DevSecOps in your organization. Topics range from empathy to lean to system safety with the hope to frame a new playbook for devs, ops, and security to work together.

A DevSecOps Tale of Business, Engineering, and People

James Wickett

Talk given for https://www.thesecuredeveloper.com/events/the-new-ways-of-devsecops DevOps and the subsequent move bring security in under the umbrella of DevSecOps has created a new an ethos for security. This is good, however moving security and devops closer together in many organizations leaves us with questions of how this merge works in practice. What happens to security? To developers? And where does chaos engineering fit in? This talk highlights security's place in DevOps and how topics ranging from empathy to chaos to system safety fit in organizations today. The hope is to uncover a new playbook for devs, ops, and security to work together.

The New Ways of DevSecOps - The Secure Dev 2019

James Wickett

DevOps and the subsequent move bring security in under the umbrella of DevSecOps has created a new an ethos for security. This is good, however moving security and devops closer together in many organizations leaves us with questions of how this merge works in practice. What happens to security? To developers? And where does= chaos engineering fit in? This talk highlights security's place in DevOps and how topics ranging from empathy to chaos to system safety fit in organizations today. The hope is to uncover a new playbook for devs, ops, and security to work together.

NewOps Days 2019: The New Ways of Chaos, Security, and DevOps

James Wickett

VMware Thought Leadership Series: The New Ways of Chaos, Security, and DevOps Abstract: DevOps and the subsequent move bring security in under the umbrella of DevSecOps has created a new an ethos for security. This is good, however moving security and DevOps closer together in many organizations leaves us with questions of how this merge works in practice. What happens to security? To developers? And where does chaos engineering fit in? This talk highlights security's place in DevOps and how topics ranging from empathy to chaos to system safety fit in organizations today. The hope is to uncover a new playbook for devs, ops, and security to work together.

The New Ways of Chaos, Security, and DevOps

James Wickett

James Wickett and Karthik Gaekwad talk about Serverless Security at DevOps Days Austin. Security in FaaS isn't what we are used to, but this talk shows you how what we learned in appsec still applies. Using LambHack, which is a vulnerable serverless application written in Go on AWS Lambda using Sparta, we will evaluate how to do security in serverless. In this talk, we will talk about security strategies and pitfalls in the serverless world. You'll leave with an understanding of how to approach security conversations about serverel Talk goals: - How to approach the security concerns in a serverless world. - Talk about the 'WIP' methodology for serverless security. - Understand current serverless attacks for things to defend against. - Learn what different cloud providers (AWS/GKE/Azure/Oracle Cloud) do to protect you in a serverless world.

DevOpsDays Austin: Security in the FaaS Lane

James Wickett

DevOps and the subsequent move bring security in under the umbrella of DevSecOps has created a new ethos for security. This is good, however moving security and devops closer together in many organizations leaves us with questions of how this merge works in practice. What happens to security? To developers? And really, what makes a good DevSecOp? This talk highlights the seven habits that the high-performing DevSecOp of today (and tomorrow) should develop. Topics range from empathy to lean to system safety with the hope to uncover a new playbook for devs, ops, and security to work together.

The Seven Habits of the Highly Effective DevSecOp

James Wickett

Serverless Security: A How-to Guide @ SnowFROC 2019

James Wickett

DevSecOps brings security to the DevOps party and it is completely changing the security playbook. This talk will cover 10 practices and patterns we have implemented that bring DevSecOps value to everyone involved. This talk will be loaded with examples that will be usable for developers, security and operations teams and you can take home next week to put into practice. Shannon Lietz, Intuit James WIckett, Signal Sciences RSA Conference 2019

Release Your Inner DevSecOp

James Wickett

Security in the FaaS Lane

James Wickett

The New Security Playbook: DevSecOps

James Wickett

The Emergent Cloud Security Toolchain for CI/CD

James Wickett

Adversary Driven Defense in the Real World

James Wickett

All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table. Presented at LASCON 2018, in Austin, TX.

The DevSecOps Builder’s Guide to the CI/CD Pipeline

James Wickett

DevSecOps and the CI/CD Pipeline

James Wickett

The State of DevSecOps in 2018

James Wickett

Call it what you will - DevSecOps, DevOpsSec, Rugged, Agile Application Security, Shift Left Unicorn Dust AppSec,... The face of security is changing. We'll go through the results of the DevSecOps Community Survey and examine the trends. Then we'll lead a group discussion on the topic. How have you tried to make security part of your SDLC? What have you seen work? What hasn't? What's important to you? From Austin OWASP meetup in June 2018

DevSecOps in the Year 2018

James Wickett

DevSecOps and the New Path Forward

James Wickett

The Emergent Cloud Security Toolchain for CI/CD given at RSA Conference 2018 in San Francisco. All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table. Learning Objectives: 1: Learn the emerging patterns for security in CI/CD pipelines. 2: Receive a pragmatic security toolchain for CI/CD to use in your organization. 3: Understand the real meaning of DevSecOps is without all the hype.

The Emergent Cloud Security Toolchain for CI/CD

James Wickett

AppSec California 2018: The Path of DevOps Enlightenment for InfoSec

James Wickett

LambHack: A Vulnerable Serverless Application

James Wickett

More from James Wickett (20)

A DevSecOps Tale of Business, Engineering, and People

The New Ways of DevSecOps - The Secure Dev 2019

NewOps Days 2019: The New Ways of Chaos, Security, and DevOps

The New Ways of Chaos, Security, and DevOps

DevOpsDays Austin: Security in the FaaS Lane

The Seven Habits of the Highly Effective DevSecOp

Serverless Security: A How-to Guide @ SnowFROC 2019

Release Your Inner DevSecOp

Security in the FaaS Lane

The New Security Playbook: DevSecOps

The Emergent Cloud Security Toolchain for CI/CD

Adversary Driven Defense in the Real World

The DevSecOps Builder’s Guide to the CI/CD Pipeline

DevSecOps and the CI/CD Pipeline

The State of DevSecOps in 2018

DevSecOps in the Year 2018

DevSecOps and the New Path Forward

The Emergent Cloud Security Toolchain for CI/CD

AppSec California 2018: The Path of DevOps Enlightenment for InfoSec

LambHack: A Vulnerable Serverless Application

Recently uploaded

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

ICT role in 21st century education and its challenges

rafiqahmad00786416

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

DBX First Quarter 2024 Investor Presentation

Dropbox

Manulife - Insurer Transformation Award 2024

The Digital Insurer

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Recently uploaded (20)

AXA XL - Insurer Innovation Award Americas 2024

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

MS Copilot expands with MS Graph connectors

Strategies for Landing an Oracle DBA Job as a Fresher

[BuildWithAI] Introduction to Gemini.pdf

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Ransomware_Q4_2023. The report. [EN].pdf

2024: Domino Containers - The Next Step. News from the Domino Container commu...

ICT role in 21st century education and its challenges

presentation ICT roal in 21st century education

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DBX First Quarter 2024 Investor Presentation

Manulife - Insurer Transformation Award 2024

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Gauntlet Kickoff at Austin OWASP Hackathon

Recommended

Recommended

More Related Content

More from James Wickett

More from James Wickett (20)

Recently uploaded

Recently uploaded (20)

Gauntlet Kickoff at Austin OWASP Hackathon