|
|
EVENT DETAILS |
AGENDA: 6:30pm - Doors open 6:30-7:00pm - Social 7:00-7:45pm - Talk followed by Q&A 7:45-8:30pm - Social / Wrap Up
Thanks to Stack Overflow for sponsoring the venue & food/drinks.
TALK DESCRIPTION: Title: Automate or Die - DevSecOps in the Age of Software Supply Chain Attacks
As nimble organizations deliver new innovations, adversaries are also upping their game; something weve seen in recent high profile & devastating cyber attacks. Bad actors have the intent & ability to exploit security vulnerabilities in the software supply chain - & in some cases plant vulnerabilities themselves. They have increased scale through automation & improved breach success through precision targeting. If we dont fight back by doing the same - automating security directly in the DevOps pipeline - then well always be at the hackers mercy. This session will provide new research on the above, & details on how to get started.
Key takeaways:
- Real-world examples of how large & small companies are implementing DevSecOps practices in their own delivery pipelines, & increasing developer awareness to risks - Key insights from the 2019 DevSecOps community report - including the top investments for automated security - A walkthrough of how security principles have been automated into a CICD pipeline & what standards for implementation are beginning to follow suite - Why DevSecOps is more than a buzzword, & why its vital to protecting your software supply chain - How automating security of policies makes it harder to ignore
SPEAKER BIO: Irina Tishelman, Solutions Architect, Sonatype
Born & raised in Moscow Russia, I earned a Bachelor in Computer Science degree & shortly after completing my education, my family moved to the USA.
Prior to joining Sonatype, I worked at Checkmarx as Sales Engineer, where I was responsible for driving & managing the technology evaluation stage of a sales process & post-sales customer support.
My earlier career included various positions within business intelligence & analytics, application development, database design, & project management.
Throughout my career, I have been fortunate to work for companies with diverse expertise from finance & publishing to healthcare & insurance.
Working in the field of cybersecurity is particularly rewarding. Its powerful to connect with people over the things that make a real impact.
In my spare time, I am an avid skier, scuba diver, yoga enthusiast, & world traveler.
When I am not on the slopes, I am passionate about attending as many Opera, ballet, & theater performances as I can.
============================
If you or anyone you know is interested in speaking please submit your talk here: https://goo.gl/forms/ZM0pgg7FN77Cv7uy2
|
|
|
|
|
|