Final Week to Get an iPad Pro w/ Smart Keyboard, HP ProBook, or $350 Off with OnDemand and vLive Training!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Cloud Security and DevOps Automation: Keys for Modern Security Success

  • Tuesday, April 9th, 2019 at 3:30 PM EDT (19:30:00 UTC)
  • Eric Johnson
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

       

Modern development teams deliver features at a rapid pace using new technologies such as containers, microservices, and serverless functions. Operations and infrastructure teams support these rapid delivery cycles using Infrastructure as Code, Test Driven Infrastructure (TDI), and Cloud infrastructure automation. However, security teams are using traditional security approaches that dont keep up with the rate of accelerated change. Security must be reinvented in a DevOps world by taking advantage of the opportunities provided by automated continuous integration, delivery, and monitoring tools.

Join us for the first of a four-part web cast series covering the latest in Cloud & DevOps Security Automation. This webcast will introduce attendees to 5 key phases of DevOps: pre-commit, commit, acceptance, production, and operations. In each phase, we identify the key cloud security controls and discuss several open source tools for implementing the controls. Attendees will walk away with a practical and modern approach for building a successful Cloud and DevSecOps program.

Topics covered in this webcast series are directly related to the latest course updates to the SANS SEC540: Cloud Security and DevOps Automation course.

For more information on SEC540: Cloud Security & DevOps Automation, visit sans.org/sec540

Speaker Bio

Eric Johnson

Eric is a co-founder and principal security engineer at Puma Security focusing on modern static analysis product development and DevSecOps automation. His experience includes application security automation, cloud security reviews, static source code analysis, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments.

Previously, Eric spent 5 years as a principal security consultant at an information security consulting firm helping companies deliver secure products to their customers, and another 10 years as an information security engineer at a large US financial institution performing source code audits.

As a Certified Instructor with the SANS Institute, Eric authors information security courses on DevSecOps, cloud security, secure coding, and defending mobile apps. He serves on the advisory board for the SANS Security Awareness Developer training program, delivers security training around the world, and presents security research at conferences including SANS, BlackHat, OWASP, BSides, JavaOne, UberConf, and ISSA.

Eric completed a bachelor's degree in computer engineering and a masters degree in information assurance at Iowa State University, and currently holds the CISSP, GWAPT, GSSP-.NET, and GSSP-Java certifications.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.