Security, security, security! Everyone is always talking about it, but are we doing anything about it? It’s daunting, it’s a huge topic, where do you even start? Start with this selection of sessions at this year’s DevOps World | Jenkins World event, geared to help you make real, tangible improvements to the security of your source code infrastructure. It doesn’t have to be overwhelming or confusing; experts from Fugue, Contrast Security, and CloudBees can help you out with practical examples and automation approaches that improve your security posture without magnifying your workload.
|Using Chaos Engineering for Resilient Cloud Infrastructure Security||Infrastructure misconfiguration is the top cause of cloud data breaches today due to human error, a lack of policy controls in CI/CD pipelines, and threat actors. These malicious actors are often able to find and exploit the vulnerabilities caused by misconfigurations before legitimate cloud tools can. As a result, security teams can only react to the exploit instead of preventing it. One way to avoid reactionary security is to perform misconfiguration simulations and identify security gaps before threat actors do. This session will cover how cloud misconfigurations happen and how to avoid them.||Ricardo Green – Fugue – Senior Solutions Architect|
|Thinking about Jenkins Security||This session is a condensed version of a training course accompanied by demonstrations of important security concepts and best practices for protecting Jenkins.||Mark Waite – CloudBees – Technical Evangelist|
|Automating Application Security for Modern Software||Traditional approaches to application security slow down software development and deployment while the shortage of skilled security staff makes many tasks unmanageable. This session will cover how automation can help with software vulnerability detection and exploit prevention, as well as how to incorporate it into the CI/CD process and Jenkins pipeline.||Robert Statsinger – Contrast Security – Senior Solutions Architect|