DevOps.com

Where the world meets DevOps

Rich Mogull

https://disruptops.com
Rich has 20 years experience in information security, physical security, and risk management. He is a founder of DisruptOPS, a cloud operations and security platform, and the independent research firm Securosis. He is also the principle course designer of the Cloud Security Alliance training class, main writer of the CSA Guidance version 4, and actively works on developing hands-on cloud security techniques. Prior to founding DisruptOPS and Securosis, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS and is a frequent industry speaker at events including the RSA Security Conference, Black Hat, and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free -- assuming travel is covered).
Building Great Cloud Security Guardrails

Building Great Cloud Security Guardrails

| cloud, devops, devsecops, guardrails
Security guardrails are an incredible way to keep our cloud deployments safer without slowing things down. Taking this structured approach will minimize friction while increasing protection. When I first started working hands-on ...
Cloud Security: Software Defined. Event Driven. Awesome.

Cloud Security: Software Defined. Event Driven. Awesome.

| cloud, devops, event driven security, security, software defined security
I get it. Cloud and DevOps are disruptive and create new risks. I’m a security pro; one with decades of hard-earned experience telling me that with great chaos comes great opportunity… for ...
Security automation with DevOps: show me the code!

Security automation with DevOps: show me the code!

| Amazon, automation, AWS, Chef, devops, Puppet, secdevops, security, tools
Last week Andrew Storms put up a good post hinting at the promise of security automation in [SecDevOps: Security Automation By Example – The Firewall Change]. He included an example of automating ...
Hacking Your Auditor

Hacking Your Auditor

| auditor, change management, devops, hacking, secops, securosis
No, not that kind of hacking, give me a little credit... Recently I was having a conversation with a consulting friend about DevOps, and he found himself in a bit of a ...
Bootstrapping Chef (or Whatever) for Autoscaled EC2 Instances

Bootstrapping Chef (or Whatever) for Autoscaled EC2 Instances

| AWS, bootstrap, Chef, defcon, ec2
I realize it is traditional to start writing a new blog with some background and a deep introspection as to the author's personal motivation for writing said blog, but I've never been ...