Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Back To Schedule
Thursday, September 26 • 10:15am - 11:00am
Controlled Mayhem with Cloud Native Security Pipelines

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Managing security within a cloud-native development pipeline requires reimagining traditional security rituals. With hybrid and multi-cloud deployments as well as different container runtimes, orchestration platforms, and technology stacks, getting it right requires more than tooling. We must understand how our teams build software and consume telemetry gleaned through operations. This talk will dive into building with isolation in mind and limiting the damage of a compromised service within an environment. It starts with development and extends through deploying software to the runtime environment. This presentation’s goal is to provide strategies on moving security both to the left and to the right in our software development lifecycle. This presentation will explain the distinct differences between shipping traditional software and how the cloud-native development pipeline changes things. We will focus on popular projects from the Continuous Delivery Foundation (CDF) including Jenkins X, Spinnaker, and Tekton and using them with Kubernetes. We'll examine the non-linear pipelines we're building, the additional steps we've introduced, and the consequences of how CI/CD works in cloud-native shops. At the end of this presentation, you'll be ready to tighten up your stack with new tricks to solidify your cloud-native CI/CD pipeline and the additional security dilemmas it presents.

avatar for Jack Mannino

Jack Mannino

CEO, nVisium
Jack Mannino is the CEO of nVisium. Passionate about security and impossible to keep away from a keyboard, his expertise spans over 15 years of building, breaking, and securing software. Jack founded nVisium in 2009, and since then has helped the world's largest software teams enhance... Read More →
avatar for Ben Pick

Ben Pick

Senior Security Consultant, nVisium
Ben Pick has worked in the application security industry for over a decade in such roles as Security Analyst, DevSecOps Engineer, and IDS Monitor while bouncing between red and blue teams. He has spoken at local conferences, meetups, and provided training for improving CI/CD pipelines... Read More →

Thursday September 26, 2019 10:15am - 11:00am CEST