Guest Speaker- William Henry, Red Hat - DevSecOps Discussion
With the exciting news of IBM's acquisition of Red Hat, IC4 is delighted to announce that DCU graduate William Henry, Portfolio Architectures Senior Director of Red Hat will be co coming to DCU for DevSecOps Discussion.
About the talk
Moving to containers and Cloud Native does not automatically solve your continuous integration and continuous deployment challenges. For one thing, cloud-native does not automatically mean secure. There is a lot of affirmation about shifting security left in the lifecycle. However, that means more than just having the communications between development, operations and security. It requires automating security at scale. If you don’t secure your supply chain and software manufacturing pipeline it can cost you lost business, massive unnecessary technical debt and the costs associated with that, or the complete failure of your business.
Security does not happen in one place in the infrastructure or application lifecycle. Instead, security must be addressed continuously across application pipeline, infrastructure pipeline, and the supply chain. And all of these areas need to be continuously monitored.
Cloud Native based development and operation brings its own set of challenges. It can have great benefits when combined with good practices and automation. However, there are often too many assumptions made about the security of both the platform and the lifecycle. In this session will dive into specifically how developers and operators can successfully achieve DevSecOps through automation, standardization, everything as code, centralized management and visibility, automated security compliance, built-in security in the application pipeline, and proactive security and automated risk management.
What will it focus on?
The talk will focus on four areas: application pipeline, infrastructure pipeline, supply chain, and monitoring and logging. Then we will look at how cloud-native approaches and tooling are addressing different problems in these areas. All with the goal of reducing risk and raising the level of confidence in the software manufacturing and delivery pipeline.
- Registration - 13:30 - 13:45
- DevSecOps Discussion 13:45 - 14:45
- Questions & Answers 14:45 - 15:00