SANS Offensive Operations West 2021 features 10+ Live Online courses, Core NetWars, and Coin-A-Palooza! Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Extending DevSecOps Security Controls into the Cloud: A Panel Discussion of the 2020 SANS Survey

  • Wednesday, November 04, 2020 at 1:00 PM EST (2020-11-04 18:00:00 UTC)
  • Jim Bird, Eric Johnson, Dan Frey, Alex Mandernack, Carson Sweet


  • CloudPassage
  • ExtraHop
  • Qualys

You can now attend the webcast using your mobile device!



In this webcast, survey authors Jim Bird and Eric Johnson will join security experts representing the survey sponsors to discuss results from the SANS 2020 survey, Extending DevSecOps Security Controls into the Cloud. This roundtable will also explore best practices for DevSecOps teams to follow when leveraging todays cloud-based environments.

Register today to be among the first to receive the associated whitepaper written by SANS analyst and course author Jim Bird and SANS instructor and course author Eric Johnson.

Click here to register for survey results webcast to be held at 1 PM ET on Wednesday, October 28, 2020.

Speaker Bios

Jim Bird

Jim Bird, SANS analyst and co-author of SEC540 Cloud Security & DevOps Automation, is an active contributor to the Open Web Application Security Project (OWASP), and an author of books on Agile Security and DevSecOps. He has worked at major technology organizations and financial institutions around the world in software development, operations and IT security.

Eric Johnson

Eric is a Co-founder and Principal Security Engineer at Puma Security and a Senior Instructor with the SANS Institute. His experience includes cloud security assessments, cloud infrastructure automation, static source code analysis, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments. Eric is the lead author and an instructor for SEC540: Cloud Security and DevOps Automation, a co-author and instructor for both the brand new SEC510: Public Cloud Security: AWS, Azure, and GCP, and the upcoming SEC584: Cloud Native Security: Defending Containers & Kubernetes. Additionally, Eric is a SANS Security Awareness Developer Training Advisory Board Member and SANS Analyst for Application Security and DevSecOps Surveys. Read more about Eric here.

Dan Frey

Dan Frey is currently a Marketing Manager with ExtraHop on the Cloud marketing team. He has worked in the cyber security arena since 2007 in various product marketing and management roles with companies including Symantec, McAfee/Intel, Fortinet and Check Point, focusing on cloud, endpoint and network security. Dan holds a BS in Electrical Engineering from the California State University system.


Alex Mandernack

Alex Mandernack is a Security Solution Architect at Qualys, focusing on Cloud and Container Security from an engineering and architecture perspective. Alex is a liaison between customers and product teams and provides a hands-on, real-world perspective. Before joining Qualys in 2018, Alex held leadership positions in various organizations from startups to MSPs and publicly traded companies.

Carson Sweet

Carson Sweet is co-founder and chief executive officer for CloudPassage. Carson led the team that created Halo, the patented security platform that changes the way enterprises achieve infrastructure protection and compliance. Carson’s information security career spans three decades and includes a broad range of entrepreneurial, management and hands-on technology experience.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.