Best Offers of the Year Ends Tomorrow - Don't Miss Out! Get an iPad Air with Smart Keyboard or Pixel 4a Smartphone!


To attend this webcast, login to your SANS Account or create your Account.

DevSecOps - Building Continuous Security Into IT & App Infrastructures

  • Tuesday, October 10, 2017 at 1:00 PM EDT (2017-10-10 17:00:00 UTC)
  • Chris Carlson, John Pescatore


  • Qualys

You can now attend the webcast using your mobile device!



Security teams must adapt security controls to the growing use of DevOps processes such as cloud services, Continuous Integration and Continuous Deployment. Many of them are adopting an approach of Security delivered as a service, or DevSecOps.

In this webcast, SANS Senior Analyst John Pescatore joins Chris Carlson, VP Product Management for Qualys Cloud Agent Platform, to discuss how DevSecOps helps security teams work with DevOps to embed continuous security into IT and application infrastructure, and how to get started and build a DevSecOps program for improved and automated auditing, compliance, and control of applications.

The presentation will cover:

  • How and why security teams are partnering with app developers and sysadmins to build continuous security capabilities that are embedded into the fabric of IT and application infrastructures
  • The key elements of DevOps and modern cloud architecture models driving quality and rapid technical innovation, and how they successfully drive business value
  • Why applying DevOps and cloud architecture models to security delivers business value such as lower overall risk, capital expense, and operating costs
  • Methods to build DevSecOps into both cloud-first and cloud migration infrastructure deployments and achieve common business benefits in either environment
  • The initial steps security teams can take right away to engage application and DevOps counterparts in DevSecOps, and milestones to achieve for quick wins with business value as well as control in active projects.
  • Case studies on three industry leaders in how security is applied to DevOps to support secure digital transformation projects.

This webcast will include a live Q&A session.

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Chris Carlson

Chris Carlson is Vice President, Product Management at Qualys, responsible for definition, roadmap, and strategy of the Qualys Cloud Agent technology. He has more than 20 years of security industry experience spanning firewalls, VPNs, and intrusion prevention systems, to real-time event-processing, security analytics, and next-generation endpoint platforms. In addition to security architecture roles at UBS and Booz Allen and Hamilton, he has 15 years of product management experience at venture-funded start-ups and leading product companies like Hexis Cyber Solutions, Trustwave, Informatica and Agent Logic.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.