Rich has 20 years experience in information security, physical security, and risk management. He is a founder of DisruptOPS, a cloud operations and security platform, and the independent research firm Securosis. He is also the principle course designer of the Cloud Security Alliance training class, main writer of the CSA Guidance version 4, and actively works on developing hands-on cloud security techniques. Prior to founding DisruptOPS and
Securosis, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator.
Rich is the Security Editor of TidBITS and is a frequent industry speaker at events including the RSA Security Conference, Black Hat, and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free -- assuming travel is covered).
Security guardrails are an incredible way to keep our cloud deployments safer without slowing things down. Taking this structured approach will minimize friction while increasing protection. When I first started working hands-on ...
I get it. Cloud and DevOps are disruptive and create new risks. I’m a security pro; one with decades of hard-earned experience telling me that with great chaos comes great opportunity… for ...
Last week Andrew Storms put up a good post hinting at the promise of security automation in [SecDevOps: Security Automation By Example – The Firewall Change]. He included an example of automating ...
No, not that kind of hacking, give me a little credit... Recently I was having a conversation with a consulting friend about DevOps, and he found himself in a bit of a ...
I realize it is traditional to start writing a new blog with some background and a deep introspection as to the author's personal motivation for writing said blog, but I've never been ...