AppSec California 2020, January 21-24 at the Annenberg Beach House, Santa Monica, CA
Back To Schedule
Thursday, January 23 • 4:20pm - 5:10pm
The Security Phoenix from the ashes of DevOps

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The talk will take the audience on a journey from the origin of the security architecture, the challenge of cloud security and the role of an architect in the dev-sec-ops world. The talk explains the difference between traditional command and control governance and the solution to avoid starving automation and innovation with traditional security governance. During the talk, we will look at modern SDLC and what should be deployed step by step in each stage. We will explore: Security Gates and why they do not always work in dev-ops Automation how-tos: How to deploy cybersecurity at scale Why is important to know how to deal with people Automation in the pipeline is the king How to secure the design phase (design and requirements) How to secure dev and test How to convert threat modelling in use stories How to Deploy in production ensuring that the artefacts have been reviewed Audience Take Away: How to build a cybersecurity programme with architecture at the heart How to avoid traditional architecture pitfalls how to do governance at pace and when to apply traditional security governance how to mix governance and agile development as well as dev sec ops how to extract patterns from existing design the value of design principle patterns and why they are key to go fast. how and when to use tools (SAST/DAST) and how to lead engineer into secure code analysis How to manage libraries and how to guide team during the triage

avatar for Francesco Cipollone

Francesco Cipollone

Director NSC42Ltd, Head of Security Architecture HSBC GBM, Chair Cloud Security Alliance UK & Ireland, NSC42Ltd,
I’m Francesco, a Chief Information Security Officer (CISO) and cybersecurity advisor who specialises in strategy and cloud security. Fuelled with passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, more... Read More →

Thursday January 23, 2020 4:20pm - 5:10pm PST
Club Room