Extending DevSecOps Security Controls into the Cloud: A SANS Survey

  • Wednesday, 28 Oct 2020 1:00PM EDT (28 Oct 2020 17:00 UTC)
  • Speakers: Eric Johnson, Jim Bird

​In previous years, SANS research has examined how security and risk management leaders are leveraging modern technologies, such as infrastructure as code, containerization and security automation, to manage security in fast-paced Agile and DevOps environments.

In this year's survey, authors Jim Bird and Eric Johnson will continue to explore how organizations are extending their DevSecOps security controls beyond their on-premises environments into the public cloud to secure their cloud networks, services and applications. Some highlights from the survey investigations include:

  • How the cloud helps organizations move faster
  • Whether organizations are putting their emphasis more on the left ( 'Dev ') or the right ( 'Ops ') of DevSecOps as implemented in the cloud
  • How InfoSec can take advantage of DevOps feedback loops and experiments to continuously assess, learn and improve the security of systems
  • How cloud continuous integration, continuous delivery and configuration management tools are being used compared with on-premises options

Learn how to leverage best practices in DevSecOps in today's cloud-based environment and how to use the most effective tools and technologies. Register now and be the first to receive the associated report, written by SANS analyst Jim Bird and SANS Application Security Curriculum product manager Eric Johnson.


1280px-Logo-Qualys.svg.pngCisco_Systems.pngLogRhythm Logorapid7.pngdownload.pngCloudPassage_logo.pngExtraHop Networks logoorca_logo.png