One More Week for MacBook Air, $400 Amazon Gift Card, or Take $400 Off with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

Secure DevOps: Fact or Fiction? SANS Survey Looks at Reality, Part I

  • Thursday, November 08, 2018 at 1:00 PM EST (2018-11-08 18:00:00 UTC)
  • Jim Bird, Barbara Filkins, Dan Kuykendall, Zane Lackey, Rani Osnat


  • Qualys

You can now attend the webcast using your mobile device!



In previous years, SANS research has examined how application security programs have kept pace with the increasing speed of delivery in agile and DevOps organizations. But integrating security into DevOps requires more than speed. To be truly effective in today's on-premise, cloud and hybrid environments, it requires new mind-sets, processes and tools. A new survey of SANS practitioners has examined how security and risk management leaders will manage the collaborative, agile nature of DevOps to be seamless and transparent in the development process.

In this webcast, Part 1 on the topic, SANS Analyst Authors Jim Bird and Barb Filkins will reveal how practitioners are handling evolving DevOps requirements and challenges, and how they're integrating security into the process.

Results will initially be discussed at the Secure DevOps Summit & Training, Oct. 22-29, 2018. Click here to view the whitepaper.

Register for Part II of this webcast here.

Speaker Bios

Jim Bird

Jim Bird, SANS analyst and co-author of SEC540 Cloud Security & DevOps Automation, is an active contributor to the Open Web Application Security Project (OWASP), and an author of books on Agile Security and DevSecOps. He has worked at major technology organizations and financial institutions around the world in software development, operations and IT security.

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

Dan Kuykendall

Dan Kuykendall is the senior director of application security products at Rapid7, where he directs the strategic vision, research and product development for the company’s application security solutions. In addition to keeping up with the latest attack patterns, Dan remains focused on one of the toughest aspects of application security: the rapidly evolving web and mobile application development trends. He does this with the philosophy that we need to help security experts keep up by automating as much as possible to free up pen testers for the tough work that requires human brains.

Zane Lackey

Zane Lackey is the founder of Signal Sciences Corporation and serves as its CSO. Before co-founding Signal Sciences, Zane built and led the Etsy Security Team, where he pioneered and published new approaches to practical defense based on his background in offensive security. A respected voice in the industry, he serves on advisory boards at the Internet Bug Bounty Program and the U.S. State Department-backed Open Technology Fund. He's also been featured by BBC, Associated Press, Forbes and Wired and invited to lecture at top industry conferences and universities.

Rani Osnat

Rani Osnat is VP of product marketing at Aqua Security, a container and cloud-native security platform provider. He is a frequent blogger and presenter on the topics of container security, Kubernetes security, and DevSecOps. Rani has more than 20 years of enterprise software industry experience, including a decade as VP of marketing for innovative tech startups in the cybersecurity and cloud arenas. Prior to that, Rani was a management consultant in the London office of strategy consultancy Booz & Co. He holds an MBA from INSEAD in Fontainebleau, France. Rani is an avid wine geek, and a slightly less avid painter.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.