Ending Soon: Get a MacBook Air or Surface Pro 7 with 5 or 6 Day Training - Best Offers of the Year!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

A DevSecOps Playbook

  • Tuesday, March 08, 2016 at 1:00 PM EST (2016-03-08 18:00:00 UTC)
  • Amrit Williams, Dave Shackleford


  • CloudPassage

You can now attend the webcast using your mobile device!



The conflict between speed and security is becoming more intense in companies that use DevOps and other continuous-development methods to change business applications quickly enough to keep up with changes in business. Teams driving bug-free code and continuous deployment may balk at any delay for testing or security between code freeze and code release.

It is possible, however, to implement good security practices early and in ways that are effective enough to secure high-speed DevOps projects without being a drag on delivery schedules.

In this webcast, you will hear about methods designed to counter the inherent difficulties of applying traditional security tools and practices to continuous development and more effective ways to make the two work together without interfering with one another. The discussion will include a series of best-practice recommendations on the integration of stand-alone tools into frameworks that combine and automate those functions and about the broad potential of security fabrics that orchestrate the operation of many controls across many systems in ways consistent with the needs of continuous-development teams and the applications they deliver.

Be among the first to receive the associated whitepaper written by Dave Shackleford.

View the associated whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Amrit Williams

Amrit Williams has more than 20 years of experience in information technology and is currently the CTO of CloudPassage. Previously Amrit was the director of Emerging Security Technologies and CTO for mobile computing at IBM. Prior to IBM, Amrit was a research director in the Information Security and Risk Research Practice at Gartner, Inc. where he covered vulnerability and threat management, network security, security information and event management, risk management, and secure application development. Previously, Amrit was a director of engineering for nCircle Network Security and held leadership positions at Consilient Inc., Network Associates and McAfee Associates.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.