With attackers continuing to hammer weaknesses in software, organizations must prioritize application security more than ever, says Ian Ashworth of Synopsys. Thankfully, developers and middle management - bolstered by agile methodologies and DevOps - are increasingly leading the charge.
In today's modern DevOps organizations, demonstrating security and compliance is still essential whether you are building in the cloud or on prem. As cloud infrastructure continues to evolve through the adoption of microservices and containers - demonstrating compliance becomes even more challenging.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Given today's increasing IT complexity and scale, it's become imperative to break down the barriers between Security and IT groups and align them including their tools, processes, and skills around a common goal: delivering a fast and secure user experience while enabling business agility.
For CIOs and CISOs who...
Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.
Stories, practical experiences, anecdotes and a bit of humor about creating and managing cloud security programs and the journey to devsecops. This will be an interactive session.
The session will cover:
Key components of cloud security programs and the basics of devsecops
Real world challenges and practical...
When a healthcare provider develops its own applications that handle patient data, it must take critical steps to safeguard protected health information and ensure HIPAA compliance, says privacy attorney Adam Greene.
By adopting DevSecOps practices, security is finding itself adding significant value to organizations, helping them move faster and safer by working with development and operations teams. Yet according to the SANS 2018 survey, Secure DevOps: Fact or Fiction?, adoption is still in its infancy, and most organizations...
The practices of DevOps, Continuous Delivery and Agile have become common place for some time now among the development and operations teams in most organizations, and now they are surfacing in security teams. This change is rippling across the organization and breaking down silos for software delivery. Teams are...