DevOps Connect: DevSecOps Days @ RSAC 2019

DevOps Connect: DevSecOps Day @ RSAC 2019

Moscone South Level 3

Monday, March 4, 2019

DevOps Connect: DevSecOps Day is free to all RSAC badge holders

DevOps.com & Security Boulevard are excited to announce the 5th annual DevOps Connect: DevSecOps Day @ RSAC 2019. Once again DevSecOps Day @ RSAC will take place on the Monday of RSAC week, March 4th. This year DevSecOps Day will be held Moscone South Level 3.

In the past few years, security integration within the DevOps pipeline has given rise to the idea of DevSecOps. Once seen as the bottleneck and inhibitor of the development and deployment process, security has become an integral part of the movement towards automation and the removal of manual oversight enforcement. As stated in the DevSecOps Manifesto, “We must adapt our ways to ensure data security and privacy issues are not left behind because we were too slow to change.” There are practitioners in the field who are pushing forward with the idea of creating a secure application development pipeline, with security integrated from conception to deployment.

In this year’s DevOps Connect: DevSecOps Day at RSA Conference 2019, you’ll hear stories from those practitioners, explaining how they made the cultural transformation from legacy development and deployment processes to integrated systems that include security as a part of the process, not as an overseer or bottleneck to secure application development. This series of first person talks will give you a perspective on how you and your team can enable faster application development with more rapid deployment to production, while integrating security into your DevOps initiatives.

Attendees selecting this seminar will have their contact details shared with DevOps Connect.

 

Register Now!

 

DevSecOps Days Wine-ing (Not Whining) Cocktail Party. RSAC 2019

 

Join us for the 5th annual DevOps Wine-ing (no whining) cocktail party on March 4, 2019 at 7:30pm. The event will be at Tap415. There will be drink tickets for registered guests for beer, wine and soft drinks. Food, networking, papparazzi as well as some great bonding between the DevOps and Security tribes.

The festivities last until 9:30pm and it is a great way to kick off your RSA Conference week. It is also the perfect cap to what promises to be a great day of DevSecOps sessions at DevOps Connect: DevSecOps@RSA this year.

 

Register Now!

 

See you in San Francisco!

 

DevSecOps Days, Singapore

DevSecOps Days is coming to Singapore.

Meet fellow practitioners integrating security into their DevOps practices. Learn about their journeys, share ideas on integrating security into your teams, and trade insights on automating security tools in your DevOps pipeline.

 

DevOps.com @ IBM Think 2018

 

Think 2018

IBM Think is IBM’s new flagship business and technology conference that combines – Interconnect, Amplify, World of Watson, Edge, and Connect—into one single event! Think 2018 will take place March 19-22, 2018 at Mandalay Bay in Las Vegas.

IBM Think will bring together over 40,000 business and technology innovators, leaders, and thinkers one place to share ideas, discuss topics like Artificial Intelligence, Cloud, DevOps, Supply Chain, Blockchain, Omnichannel Commerce, Data Analytics, Integration, Security, IoT, and more—and enjoy some exceptional networking, entertainment, and fun along the way.

DevOps TV at Think 2018

Alan Shimel (Co-founder & Editor-in-Chief) DevOps.com & DevOps TV will once again be at IBM Think and will be exploring these topics and others with exclusive interviews with IBM clients, business partners and subject matter experts. Last year at InterConnect 2017, DevOps TV published over 40 interviews featuring number of IBM Clients including CISCO, Lloyds Bank, NBC Universal, Kaiser-Permanente, and more. You can watch the entire playlist here.  We also took our video team mobile and toured several of the solution areas in the Expo.

How to find DevOps TV at Think 2018

We will be recording our 1-1 interviews in Delano. We have limited slots available and interviews must be scheduled in advance. Thank you to those who have already signed-up. We will be sending confirmations with exact time and location details. If you are interested in recording an interview with DevOps TV, please contact us at: devopstv@devops.com

Here are few highlights from InterConnect 2017

To see full coverage, please visit the DevOps TV channel on YouTube:  https://www.youtube.com/channel/UC-zcE077X98oTEDPwKkDQxQ

DevSecOps Day @ RSAC 2018

DevOps Connect: DevSecOps Day @ RSAC 2018

Moscone South Level 3

Monday, April 16, 2018

RSAC 2018

 

DevOps.com & Security Boulevard are excited to announce the 4th annual DevOps Connect: DevSecOps Day @ RSAC 2018. Once again DevSecOps Day @ RSAC will take place on the Monday of RSAC week, April 16th. This year DevSecOps Day will be held Moscone South Level 3.

 

DevOps Connect: DevSecOps Day is free to all RSAC badge holders

Here is a code for a free DevSecOps Day/RSAC expo pass badge or $100 dollars off a full pass:

  • $100 Discount off of Full Conference passes – 18UDEVOPSFD
  • Complimentary Expo passes – 18UDEVOPSXP

You can register using the codes above at: https://www.rsaconference.com/events/us18/register

DevOps Connect: DevSecOps Day Schedule & Agenda - Monday, April 16

DevOps Connect: DevSecOps Day will kick off at 9am at the Moscone South Level 3 on Monday April 16th. Sessions will run until 4pm that day with a 45 minute lunch break (lunch is not included) and two refreshment breaks through the day. Full schedule of sessions and speakers details are here:

AgendaSpeakers
Start End Session Title Speakers Host
9:00 9:05 Welcome and Introductions Alan Shimel
Co-founder, Editor-in-Chief, DevOps.com & Security Boulevard
Mark Miller
Senior Storyteller and DevSecOps Advocate, Sonatype
Alan Shimel/Mark Miller
9:05 9:55
Security is the Center of a DevOps World

As the rest of the DevOps culture moves farther left, security remains mired in approaches applicable for 10 year old legacy systems. The landscape has changed from “build a wall” perimeter security to an everything-is-connected ecosystem of applications, APIs, and third parties.

While there is no such thing as a default DevSecOps pipeline, there are key characteristics about the new product development methodology that can manifest as challenges for traditional security teams. Security teams must find a way to become embedded into every phase of the software supply chain, or run the risk of becoming hopelessly out of sync with contemporary software development.

Caroline Wong, Paula Thrasher, and Shannon Lietz bring decades of war stories to the table as practitioners on the frontlines of software security. Listen in as they present case studies, lessons learned, and practical tips for integrating “Sec” into DevSecOps. You will walk away from this session with practical tips on how to create your own team of internal security champions who will help you develop flexible, useful security practices that work in your current environment.

Shannon Lietz
Director, DevSecOps, Intuit
Paula Thrasher
Director of Digital Services, CSRA
Caroline Wong
Vice President of Security Strategy, Cobalt
Mark Miller

Senior Storyteller and DevSecOps Advocate, Sonatype

10:00 10:25
Evolving Your Security Mindset to Embrace DevSecOps
Under Armour has a story to tell about its DevSecOps journey. Security and agile methodologies are a critical part of that story. Bankim will discuss the cultural transformations taking place around the company’s DevSecOps initiatives, summarizing with a few lessons that will challenge people to think differently.

Bankim Tejani
Sr. Manager, Digital Product Security, Under Armour
James Wickett

Head of Research at Signal Sciences

10:25 11:15 Break Break Break
11:15 11:40
Fannie Mae’s Journey to DevSecOps

Fannie Mae partners with lenders to create housing opportunities for families across the country — and helps make the 30-year fixed-rate mortgage and affordable rental housing possible for millions of Americans. To support this mission, Fannie Mae must support robust security practices throughout the organization.

For years, Fannie Mae has aimed toward: 1) conducting cyber security assessments earlier in the development lifecycle; and 2) engaging business partners in the review and mitigation of cyber security risks. Through DevSecOps, Fannie Mae has now reached that goal — and stakeholders from development, operations, and cyber security now monitor, analyze, test, and proactively determine and fix vulnerabilities earlier in the development lifecycle.

Join us for this session to see how DevSecOps has helped to dramatically increase code quality standards and reduce the vulnerabilities at Fannie Mae.

Chitra Elango
Cyber Security Manager , Information Security, Fannie Mae
John Willis

Vice President of Devops and Digital Practices, SJ Technologies

11:45 12:10
Release the Monkeys!” and Reduce Enterprise Risk with DevSecOps

The world of DevOps presents a unique and unprecedented opportunity for Security teams to engage with developers and IT Operations to deliver high quality secure software to consumers. When Security teams integrate and collaborate with DevOps teams the entire organization reaps significant benefits.

This session will dig into the idea that “Agile” may not be agile enough in a world where external actors threaten the security and stability or organizations on a day to day basis. As new vulnerabilities are discovered quick remediation often becomes an unnecessary fire-drill. With a well-tuned, documented, and understood “DevSecOps”pipeline, vulnerabilities in both underlying operating systems and custom code bases can be resolved or mitigated quickly and re-deployed into a production environment in minutes.

If your Development teams can deploy “50 times before breakfast”, or seeks the maturity to do so, then it is essential that your business understands how rapid and continuous releases, continuous SDLC operational KPI’s, and DevOps maturity can reduce risk in your business and how introducing a bit of chaos into your resilient infrastructure brings security benefits. Join DJ as he discusses how to turn skepticism and caution of DevOps into adoption and understanding.

DJ Schleen
DevSecOps Evangelist, Aetna
Shannon Lietz

Director, DevSecOps, Intuit

12:10 01:30 Lunch Lunch Lunch
01:30 01:55
Driving Security through ReUse in Mission Critical Applications
When you handle trillions of dollars in transactions, people take notice. Supporting the non-stop nature of the global economy through these transactions is a critical role of the FRBNY.

Join this presentation to learn how the FRBNY is leveraging Re-Useable libraries and Micro-Services combined with CI/CD tooling to ensure standardization and security in its applications. We’ll review the phases of development and deployment and lessons learned which have created efficiency (and other benefits) in building and maintaining some of the banks most critical applications.

Colin Wynd
Vice President of Common Services, Federal Reserve Bank of New York
Jonathan DeRose
Assistant Vice President, Federal Reserve Bank of NYC
Derek Weeks

VP and DevOps Advocate, Sonatype

02:00 02:25
Managing Cyber Risk while Modernizing the Gaming Business
Bandai Namco, like most modern enterprises today, needs to take advantage of cloud computing and infrastructure to keep pace and gain market share. But accelerating the majority of their computing to the cloud requires visibility into the infrastructure and their security posture on a continuous basis.
In this session, we will discuss Bandai Namco’s path to cloud migration, the security and infrastructure visibility required and how they were able to get there. The talk will address how they evolved, and are evolving, their culture and approach to provide security assurance to this next phase of the business.The program requires a cultural change in how they develop and manage applications as well as extensive security and development tool rationalization. Part of the project involved identifying and effectively reporting progress and metrics. Bandai will share where they are in this journey, the wins they have had thus far and the obstacles they have addressed along the way to scale their development while deliverying security assurance to the business.
Lee Hsiao
Director of information systems Bandai Namco
Mike Kail
Cybric’s Chief Technology Officer
Damon Edwards

Co-Founder and Chief Product Officer, Rundeck

02:30 02:55
Zero to Ninety in Securing DevOps
You learn of a DevOps team. Maybe it’s skunkworks, a pilot, or a center of excellence. But there it is. Running. Working. And you have been asked to secure it. You can’t mess it up. But you’re going in blind. You have to learn quick, move fast, be careful. So what should you do in the first 90-days?

As DevOps continues to be adopted across industries, IT security and application security professionals are being asked to secure the workflow and products. And we get asked to evaluate, recommend, and implement security controls well after the DevOps team has been established. Sometimes, months or even years after the team has launched.

This talk speaks to that audience, sharing practices on how to start off strong. Approaches for building relationships, creating intuition, and becoming a trusted partner will be discussed and demonstrated. It is imperative we add security without taking away speed and agility, and the first 90-days is a crucial period.

J. Wolfgang Goerlich
VP for strategic security programs, CBI
Courtney Kissler

Vice President of Digital Platform Engineering, Nike

03:00 03:20 Break Break Break
03:25 03:50
Eat Your Veggies and Prevent Vulnerabilities
Stop taking drugs to manage issues and start taking your veggies to prevent them. The same concept applies to security. At Cigna, we strive to align the way our developers and security professionals think. We have automated our security approach and have a strong collaboration between security and development. We will discuss the journey, the challenges, how we got to taking our veggies and the benefits we achieved.

My job is to get our Security and Development team to think alike. This was not easy. The discussion will be about how we moved from Sec into CICD to Continuous security and show ROI. Obviously, the difficulty was to change the mindset of not only our developers, but also our security team.

Anaf Durrani
IT Director, DevOps, Product Engineering, Quality Engineering, Cigna
Chris Lockery
Deputy Chief Information Security Officer (CISO) at Cigna
Mark Miller

Senior Storyteller and DevSecOps Advocate, Sonatype

03:55 04:30
DevSecOps – It’s a People Thing (Panel)
Too many people in IT, especially in cybersecurity have shiny trinket syndrome. The cure for everything is always the latest tool, gadget, shiny trinket. When we talk about culture, people and teams, they give them lip service and then bag dive for their latest tools. But culture and people rule, especially in DevSecOps. If your DevOps and sec folks are not working together you are not going to succeed. In this panel we will discuss some of the roadblocks to better team functionality. What can security people do to make their jobs and lives easier? How can Dev, Ops, DevOps all work better and better understand what makes sec folk tick? Maybe we all have to take a long look in the mirror to understand that better security starts with better teamwork, better teamwork starts with people.
Stephanie Derdouri
Director Vulnerability Management, Information Security, Fannie Mae
Sandra Escandor-O’Keefe
Security Engineer at Fastly, Fastly
Jayne Groll
CEO, DevOps Institute
Chenxi Wang
Founder, The Jane Bond Project
John Willis

Vice President of Devops and Digital Practices, SJ Technologies

Alan ShimelCo-founder, Editor-in-Chief, DevOps.com & Security Boulevard

Throughout his career spanning over 25 years in the IT industry, Alan Shimel has been at the forefront of leading technology change. From hosting and infrastructure, to security and now DevOps, Shimel is an industry leader whose opinions and views are widely sought after.

Alan’s entrepreneurial ventures have seen him found or co-found several technology related companies including TriStar Web, StillSecure, The CISO Group, MediaOps, Inc., DevOps.com and the DevOps Institute. He has also helped several companies grow from startup to public entities and beyond. He has held a variety of executive roles around Business and Corporate Development, Sales, Marketing, Product and Strategy.

Alan is also the founder of the Security Bloggers Network, the Security Bloggers Meetups and awards which run at various Security conferences and Security Boulevard.

Most recently Shimel saw the impact that DevOps and related technologies were going to have on the Software Development Lifecycle and the entire IT stack. He founded DevOps.com and then the DevOps Institute. DevOps.com is the leading destination for all things DevOps, as well as the producers of multiple DevOps events called DevOps Connect. DevOps Connect produces DevSecOps and Rugged DevOps tracks and events at leading security conferences such as RSA Conference, InfoSec Europe and InfoSec World. The DevOps Institute is the leading provider of DevOps education, training and certification.

Alan has a BA in Government and Politics from St Johns University, a JD from New York Law School and a lifetime of business experience. His legal education, long experience in the field, and New York street smarts combine to form a unique personality that is always in demand to appear at conferences and events.

Anaf DuraniIT Director, DevOps, Product Engineering, Quality Engineering, Cigna - Health Services
My goal is to change the way we deliver business value. My teams do this by automating the software supply chain and deal with people who don’t want to change. I am an engineer at heart and by leveraging this experience, have been able to drive change across a 5000 person organization by starting small and then scaling.

I began my career as an engineer at Motorola working on the push to talk Nextal product. I Moved to Orbitz.com, where I deploy call centers and led projects that provided a consistent digital experience. I also played a few roles in Quality Engineering and Product Development. I then, joined Cigna to lead their DevOps journey.

Bankim TejaniSr. Manager, Digital Product Security, Under Armour
Bankim Tejani has conducted security research, assessments, training, and consulting for over a decade. His recent focus is on helping companies and government agencies integrate application security and static analysis into their software development life cycles (SDLC). Tejani is an active member of the Austin Open Web Application Security Project (OWASP) and co-founder of the Agile Austin Security SIG.
Caroline WongVice President of Security Strategy at Cobalt (www.cobalt.io).
Caroline’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), OWASP AppSec, and BSides.

Caroline was featured as an Influencer in the 2017 Women in IT Security issue of SC Magazine and has been named one of the Top Women in Cloud by CloudNOW. She received a 2010 Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner’s Guide, published by McGraw-Hill in 2011. Caroline graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences and holds a certificate in Finance and Accounting from Stanford University Graduate School of Business.

Chenxi WangManaging General Partner, Rain Capital
Dr. Chenxi Wang is the founder of the Jane Bond Project, a Cybersecurity consultancy. She is a strategic partner at IT Security Planet and serves on the advisory board of various startups. Previously, Chenxi served as the Chief Strategy Officer at Twistlock, responsible for corporate strategy and thought leadership.

Chenxi is the 2016 & 2017 program co-chair for Security & Privacy at the Grace Hopper Conference and was named by SC Magazine as a 2016 Women of Influence. Prior to Twistlock, Chenxi built an illustrious career at Forrester Research, Intel Security and CipherCloud. At Forrester, Chenxi covered mobile, cloud and enterprise security, and wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms.

Chenxi started her career as a faculty member of Computer Engineering at Carnegie Mellon University. Chenxi is a sought-after public speaker and a trusted adviser for IT executives. She has been quoted/featured by New York Times, Wall Street Journal, Forbes.com, Fox Business News, Bloomberg, Dark Reading and many other media outlets. Chenxi holds a Ph.D. in Computer Science from the University of Virginia

Chitra ElangoCyber Security Manager , Information Security, Fannie Mae
Chitra Elango is a Senior Cyber Security Manager leading the Application Security program at Fannie Mae. Before moving into Application Security field, she had 15+ years of experience as a software developer, which gives her insight into how development teams operate at Fannie Mae. This enabled her to play a key role in introducing security to the existing service delivery pipeline and establishing a true DevSecOps model at Fannie Mae that supports greater business agility and provides assurance in the overall security of the delivered product.

Chitra was a driving force in aligning software security and business needs by empowering and enabling developers to identify software security vulnerabilities during active development cycles.

 

Chris LockeryDeputy Chief Information Security Officer (CISO) at Cigna
Colin WyndVice President of Common Services, Federal Reserve Bank of New York
Colin Wynd is the Vice President & Head of Common Services at the Federal Reserve Bank of New York and has responsibility overseeing multiple teams including the development of Common Micro-Services, Frameworks, Digital Experience, DevOps, Engineering and Enterprise Data Management. Common Services acts as an internal software company within the Federal Reserve Bank of New York and provides products, services, consulting and training to various groups within the Federal Reserve System. The group is responsible for changing the way the Federal Reserve System thinks about building and delivering applications.

Colin is also a frequent speaker at various industry events. Previously Colin was a partner in TRG, a boutique consulting firm in New Jersey, focused on delivering solutions to a variety of businesses based in the tri-state area. He started his career at Hewlett-Packard in the UK. Originally from Scotland, Colin holds a B.S in Computing Science from the University of Glasgow.

Courtney KislserVice President of Digital Platform Engineering, Nike
Courtney is the Vice President of Digital Platform Engineering at Nike. Her teams are accountable for building a re-usable seamless platform to power Nike Direct to Consumer experiences. She is leading the teams accountable for core commerce services, user services, consumer data engineering and global retail solutions.

Prior to that, Courtney was the VP of Retail Technology at Starbucks. She was accountable for the global POS and retail store technology experiences. Prior to Starbucks, Courtney spent 14 years at Nordstrom with her last role being the Vice President of E-Commerce and Store technologies where she drove a technological transformation essential for outpacing the demands of today’s Omnichannel consumers. She was accountable for program management, delivery, and support for all customer facing technologies including in-store, Web, and mobile touch points. Courtney joined Nordstrom as a security engineer in 2002 and held a variety of leadership roles across the technology organization.

Courtney is a graduate of Eastern Washington University with a B.S. in Computer Information Systems and worked at two startups, CyberSafe and WorldStream Communications, prior to joining Nordstrom.

 

Damon EdwardsCo-Founder and Chief Product Officer, Rundeck
Damon Edwards is a Co-Founder and Chief Product Officer of Rundeck, Inc., the makers of Rundeck, the popular Operations as a Service platform. Damon Edwards was previously a Managing Partner at DTO Solutions, a DevOps and IT Operations improvement consultancy. Damon has spent over 15 years working with both the technology and business ends of IT operations and is noted for being a leader in porting cutting-edge DevOps techniques to large enterprise organizations. Damon is a frequent conference speaker and writer who focuses on DevOps and operations improvement topics. He is active in the international DevOps community, including being a co-host of the DevOps Cafe podcast, an early core organizer of the DevOps Days conference series, and a content chair for Gene Kim’s DevOps Enterprise Summit.
Derek WeeksVP and DevOps Advocate, Sonatype
Derek is a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation.

Derek is the co-founder of All Day DevOps — an online community of 40,000 IT professionals, and the lead researcher behind the annual State of the Software Supply Chain report for the DevOps industry. In 2018, Derek was recognized by DevOps.com as the “Best DevOps Evangelist” for his work in the community.

DJ SchleenDevSecOps Evangelist, Aetna
DJ is a DevOps Security Architect at a large healthcare organization, assisting them though their journey of digital transformation and containerization. He specializes in automating security controls in DevOps environments and is a hacker by training – doing significant R&D work in mobile Security, ethical Hacking and penetration Testing.

As an expert in Application Lifecycle Management (ALM) and ITIL, DJ has worked to streamline development pipelines for many Fortune 100 organizations He is active on the speaker circuit and most recently gave a talk at RSAC 2017 in San Francisco that focused on security automation and the advantages of continuous delivery.

 

 

J. Wolfgang GoerlichVP for strategic security programs, CBI
J Wolfgang Goerlich provides strategic guidance for securing development and DevOps programs in the healthcare, education, financial services, and energy. He is currently with CBI, a cyber security consultancy, as the VP for strategic security programs. Wolfgang also leads the CBI Academy teams, providing mentoring and coaching to the junior-level talent. Prior roles included VP for a managed security services provider, VP for an IT firm specializing in high speed high secure networks, and IT security officer and manager for a financial services firm. He is an active part of the security community; co-founding the Converge Detroit and organizing the BSides Detroit conferences. Wolfgang regularly advises on and presents on the topics of secure development life cycle, DevOps, risk management, incident response, business continuity, and more.
James WickettHead of Research at Signal Sciences
James Wickett is the Head of Research at Signal Sciences, a web protection platform that high performing DevOps teams love. He is the author of the most popular courses on DevOps topics in the Lynda.com and LinkedIn Learning platforms. James lives in Texas and has helped run DevOps Days Austin for the last six years. In his spare time he is trying to make a perfect BBQ brisket. Follow him @wickett @signalsciences
John WillisVice President of Devops and Digital Practices, SJ Technologies
John Willis is Vice President of Devops and Digital Practices at SJ Technologies. Prior to SJ Technologies, John was Director of Ecosystem Development for Docker, he joined Docker when the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired in March 2015.

Prior to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is co-author of the “Devops Handbook” along with authors Gene Kim, Patrick Dubois and Jez Humble.

The best way to reach John is through his Twitter handle @botchagalupe.

 

Jonathan DeRoseAssistant Vice President, Federal Reserve Bank of NYC
Jonathan R. DeRose is a Solution Delivery Officer in the Technology Group at the Federal Reserve Bank of New York. His current responsibility is within Common Services, overseeing development of Common Components & Frameworks, Development Services, and User Interface/Experience.

 

Lee HsaioDirector of information systems Bandai Namco
Lee Hsaio has been the director for information systems at Bandai Namco for over 17 years. He is responsible for security and operations and has been recently focused on accelerating Bandai Namco’s DevOps and DevSecOps efforts. This includes strategy, tool rationalization and ensuring security is tightly integrated into the development tool chain. He holds a degree from Washington University in St. Louis.
Sandra Escandor-O’KeefeSecurity Engineer, Fastly
Sandra Escandor-O’Keefe is a Security Engineer at Fastly, where she conducts security reviews for core infrastructure, and analyzes the design of the network to help ensure that Fastly can provide a secure edge for the biggest online platforms in the world. Before joining Fastly, Sandra was a software developer with experience in low-level software development using C/C++. Sandra has a B.Eng in Electrical and Biomedical Engineering from McMaster University.

 

Mark MillerSenior Storyteller and DevSecOps Advocate, Sonatype
I build massive online community projects. The most recent project is as co-founder of All Day DevOps, with 32,927 registrations.

Malcom Gladwell would call me “A Connector”. Wherever I go, one of the things I am most happy with is the ability to introduce people to each other, making connections where they didn’t previously exist. I’ve done this on every continent in the world as part of an ongoing desire to see connections where other people see differences.

My main expertise is in developing and supporting live online communities built around specific market verticals. These online communities bleed over into the real world, where relationships are strengthened and expanded. I look forward to becoming a part of your network.

Mike KailCybric’s Chief Technology Officer
Mike Kail is Cybric’s Chief Technology Officer. Previously, he served as Yahoo’s CIO and SVP of Infrastructure and as VP of IT Operations at Netflix. He has been recognized widely for his insightful industry commentary on Twitter, and was named by the Huffington Post as one of the “Top 100 Most Social CIOs on Twitter.” He holds a B.S. in Computer Science from Iowa State University.
Paula ThrasherDirector of Digital Services, CSRA
Paula is the Director of Digital Services at CSRA and leads the Agile, Testing, User Experience and DevOps centers of excellence delivery organizations. She has over 18 years’ experience in information technology and works in the federal market leading agencies and teams towards Agile and DevOps. Paula’s first Agile project was in 2001, since then she has led 20+ programs and projects as an Agile developer, technical lead, Scrum master, or Agile coach. Her teams have helped three separate federal agencies migrate applications to Amazon AWS GovCloud, and done some other amazing DevOps ninja work along the way.

Improvements experienced on Ms. Thrasher’s current program include increasing quantity of deployments by 220%, completing 18 months of backlog in 12 weeks, increasing quantity of features delivered by 30%, and using increasing automation around test and verification to accomplish 6 FTE worth of testing effort per 1 FTE. Last year she co-authored the paper Tactics for Leading Change with other industry leaders for IT Revolution and the DevOps Enterprise Forum.

Paula holds a B.S. in Statistics from Carnegie Mellon University and is a Certified Scrum Master (CSM) and a Project Management Professional (PMP), but prefers learning new things through experience and working with smart people.

 

Shannon LietzDirector, DevSecOps, Intuit
Award winning leader in security innovation with experience developing emerging security programs for Fortune 500 companies: Intuit, ServiceNow, Sony, Sempra Energy, Savvis, Cable and Wireless, 99 Cents Only, Exodus, Bank of America, among others internationally. Received the Scott Cook Innovation Award in 2014 for developing and cultivating a world class Cloud Security Program that allows for sensitive data to be protected in AWS.

Ms. Lietz is currently the Director of DevSecOps for Intuit where she is responsible for setting and driving the company’s Cloud Security Strategy, Roadmap, and full-scale Program in support of corporate innovation. She has previous experience as a Master Security Architect, an Entrepreneur, and often volunteers to educate on security topics. Ms. Lietz is a passionate DevSecOps and Rugged evangelist.

Stephanie DerdouriDirector Vulnerability Management, Information Security, Fannie Mae
Stephanie Derdouri operates as Fannie Mae’s Director of Vulnerability Management, ensuring the organization is protected against information security vulnerabilities that could jeopardize Fannie Mae’s mission of providing support to homebuyers. Derdouri oversees Fannie Mae’s Application Security (AppSec) and the Vulnerability Threat Management (VTM) teams that perform application security assessments, vulnerability scanning, and facilitate network penetration and data exfiltration testing.

Experience: Previous to her time at Fannie Mae, Stephanie worked for a.i. Solutions and led the NASA Headquarters Risk Management and Federal Compliance Team to develop and apply strategies to manage cybersecurity risks. She has also worked as a Security Analyst for the U.S. Department of Justice, where she honed and exercised her expertise in information security and vulnerability management.

Education: Derdouri has earned a Bachelor of Science degree in computer science from The George Washington University and a master of science in information systems engineering from Johns Hopkins University.

No Wine-ing DevSecOps Cocktail Party - Monday 4:30pm @ Jillians

Following the day sessions, the 5th annual No Wine-ing DevSecOps Cocktail party will take place @ Jillians, San Francisco, 4:30pm till 6pm, down the block from the Marquis. Registration for the No Wine-ing event is required and attendance is free. Register here.

DevSecOps: The Road to Better, Faster and Stronger - Tuesday 11:45am @ Jillians

The DevSecOps: The Road to Better, Faster and Stronger – Panel and Luncheon, featuring an all star lineup of DevSecOps experts will take place on Tuesday, April 17th, 11:45am, again @ Jillians. The panel will be based on the 2nd annual Security @ the Speed of DevOps reports by George Hulme. Once again admission and lunch are free, but registration is required. Printed copies of the report will be available to attendees. Register Now.

Sponsorships Available

Sponsorships for DevOps Connect: DevSecOps Days @ RSAC 2018 are almost sold out. There are just a few sponsorships open. If interested write to DevSecOpssponsor@devops.com

 

 

DevSecOps@RSA Conference APJ

Presents

DevSecOps at RSA Conference APJ

 RSA Conference
Asia Pacific & Japan
July 25, 2017
Marina Bay Sands, Singapore

Register Now: https://www.rsaconference.com/events/ap17/register

DevOps.com is excited to announce DevSecOps at RSA Conference APJ 2017. In the past few years a new community has begun to rear its head, the DevSecOps Community. DevOps Connect has helped bring this community together by producing DevSecOps events all over the world, including the last three years at RSAC San Francisco.

In this year’s DevOps Connect seminar at RSAC 2017 APJ, we’ll be concentrating on how companies are beginning to incorporate security into the DevOps automated pipeline, what that can mean for your business and what the transformation process will look like.

Practitioners working through the DevSecOps journey will present their stories, giving real world examples of what you can expect, the obstacles they’ve overcome both technologically and culturally and what they anticipate will be the outcome of their initiatives.

Headlining the day’s speakers is John Willis (@batchogalupe), co-author of the DevOps Handbook, who will also be signing and giving out free copies of the handbook which contains case studies on over 40 DevOps transformations.

After a full day of presentations, join us for a cocktail reception, DevOps Wine-ing (not Whining), as we co-mingle the DevOps and Security Tribes as part of the dynamic DevSecOps community.

How to Get Discounted RSA Conference Full Conference Passes and Complimentary Visitor Passes
We have worked out a special arrangement with RSAC APJ so that you and your colleagues can attend the full day of DevSecOps sessions on July 25th for free if you register for an RSAC pass. You can either use registration code 1A7DEVOPSFCD to receive a $100 discount off an RSAC Full Conference pass, or you can choose a free complimentary visitor pass.

A Full Conference pass will allow you to attend all Conference activities including keynote sessions, track sessions and the Expo. A Visitor pass will give you access to the Exhibition for the duration of the Conference, plus keynotes on the Thursday and Friday.

LOCATION

Marina Bay Sands Resort

10 Bayfront Avenue, Singapore 018956

http://www.marinabaysands.com

Located in the heart of Singapore’s central business district, Marina Bay Sands is the ultimate destination for entertainment, business and shopping. The landmark building comprises a luxury hotel, state-of-the-art convention and exhibition facilities, theatres and some of the finest shopping and dining in the region.

We are now accepting hotel reservations through this website. You can book, modify and cancel your hotel reservations at any time.

 

EVENT SCHEDULE

 

DevSecOps at RSA Conference APJ Schedule

OUR GREAT SPONSORS

Interested in becoming a sponsor? DevOps Connect @ RSA – The State of Security in Asia Pacific & Japan Sponsorship
The opportunity to sponsor DevSecOps 2017 is limited so we encourage you to act quickly.  You can see below the Opportunity for 2017, please contact parker@devops.com, or by phone at 845-591-6710, with any questions you may have.
 

CONTACT US

 



 

 
 
 
 
 
 

DevOps Connect: Jenkins Days* & Scrum Days:

ABOUT THE EVENT

Returning for its 3rd year, DevOps.com brings DevOps Connect to Innotech Dallas, April 24th- April 26th,2017 at the Irving Convention Center. This year’s event is themed around the DevOps, DevSecOps, Jenkins and Scrum.

Jenkins Days are sponsored by CloudBees, the Enterprise Jenkins company and feature a full range of Jenkins training, education, and learning including a keynote from Jenkins Evangelist, Tyler Croy.

Scrum Days are sponsored by Scrum.org, the “Home of Scrum.” With professional Scrum training, resources and more, Scrum.org brings Scrum and Agile best practices to the market. Their involvement in this DevOps event promises to bring Scrum and Scrum.org to the forefront of the DevOps movement as well.

DevOps Connect: Jenkins Days & Scrum Days Dallas will be a 3-day event. The first two days, will feature hands on training classes leading to certification in Scrum, DevOps and more. See below for details.

The third day of DevOps Connect: Jenkins Days & Scrum Days will feature a morning of keynote speakers by leaders of the Agile/Scrum/DevOps/CD space, demo theaters, exhibits and that is all before lunch is served! After lunch we will have afternoon tracks on DevSecOps, Jenkins, ScrumOps and DevOps Leadership. We will wrap the day up with a closing reception. The “ScrumOps, DevSec Ops, Scaling Scrum Workshops” are included in the Conference full day pass.

Parking for this event costs $8.00 per car. To find out more information on where to park click here.

 

OUR GREAT SPONSORS

April 24 – 25

PROFESSIONAL
SCRUM MASTER

$999

  • Includes PSM 1 Certification Exam
  • Lunch included both days
Register

SCALED
PROFESSIONAL SCRUM

$999

  • Includes SPS Certification Exam
  • Lunch included both days
Register

DevOps Foundation Certification Course

$999

  • Includes DevOps Certification
  • Lunch included both days
Register

DEVOPS
LET’S BUILD A JENKINS PIPELINE

$99

Register

SEVEN HABITS OF
HIGHLY EFFECTIVE JEKINS USERS

$99

Register

DISTRIBUTED PIPELINE ARCHITECTURE WITH
CLOUDBEES JENKINS

$99

Register

DEVOPS 2.1 TOOLKIT
WORKSHOP

$199

  • Lunch included
Register

April 26th

EARLY BIRD
CONFERENCE FOR KEYNOTES AND TRACKS

$79

  • Lunch included
Register

Irving Convention Center

Irving Convention Center at Las Colinas

500 West Las Colinas Boulevard

Irving, TX 75039

Get directions

CONTACT US



*  The registered trademark Jenkins® is used pursuant to a sublicense from SPI, owner of the mark on a world-wide basis.

DevOps Connect:

ABOUT THE EVENT

About DevOps Connect: Jenkins Days

Returning for its second year, DevOps.com brings DevOps Connect to  Chicago May 31st- June 1st, 2017 at the Navy Pier. This year’s event is themed around DevOps, DevSecOps and Jenkins.

Jenkins Days are sponsored by CloudBees, the Enterprise Jenkins company and feature a full range of Jenkins training, education, and learning including a keynote from DevOps Evangelist, Brian Dawson.

DevOps Connect: Jenkins Days will be a 2-day event.The first day of DevOps Connect: Jenkins Days will feature a morning of keynote speakers by leaders of the Agile/DevOps/CD space, demo theaters, exhibits and that is all before lunch is served! After lunch we will have afternoon tracks on DevSecOps, Jenkins, and DevOps Leadership. We will wrap the day up with a closing reception.

The second day, will feature hands on training classes leading to certification in DevOps and more. See below for details.

*Parking for this event is explained here.*

OUR GREAT SPONSORS

EVENT SCHEDULE

DevOps Connect: Jenkins Days and Scrum Days Chicago Schedule

May 31st & June 1st

CLOUDBEES-JENKINS WORKSHOPS (6/1) &

EARLY BIRD CONFERENCE FULL DAY (5/31)

$499

  • Lunch included
Register

 

DEVOPS FOUNDATION CERTIFICATION COURSE (5/31) & (6/1)

$999

  • Includes DevOps Certification
  • Lunch included
Register

June 1st

EARLY BIRD
CONFERENCE FULL DAY

$79

  • Lunch included
Register

CONTACT US



*  The registered trademark Jenkins® is used pursuant to a sublicense from SPI, owner of the mark on a world-wide basis.

DevOps Connect:

ABOUT THE EVENT

About DevOps Connect: Jenkins Days

Returning for its second year, DevOps.com brings DevOps Connect to  Boston, June 12th- June 13th, 2017 at the Aloft Boston Seaport. This year’s event is themed around DevOps, DevSecOps and Jenkins.

Jenkins Days are sponsored by CloudBees, the Enterprise Jenkins company and feature a full range of Jenkins training, education, and learning including a keynote from DevOps Evangelist, Brian Dawson.

DevOps Connect: Jenkins Days will be a 2-day event.The first day of DevOps Connect: Jenkins Days will feature a morning of keynote speakers by leaders of the Agile/DevOps/CD space, demo theaters, exhibits and that is all before lunch is served! After lunch we will have afternoon tracks on DevSecOps, Jenkins, and DevOps Leadership. We will wrap the day up with a closing reception.

The second day, will feature hands on training classes leading to certification in DevOps and more. See below for details.

*Parking for this event is explained here.

OUR GREAT SPONSORS

EVENT SCHEDULE

DevOps Connect: Jenkins Days and Scrum Days Boston Schedule

June 12th & June 13th

CLOUDBEES-JENKINS WORKSHOPS (6/13) &

EARLY BIRD CONFERENCE FULL DAY (6/12)

$499

  • Lunch included
Register

 

June 13th

EARLY BIRD
CONFERENCE FULL DAY

$79

  • Lunch included
Register

CONTACT US



*  The registered trademark Jenkins® is used pursuant to a sublicense from SPI, owner of the mark on a world-wide basis.

DevOps Connect:

ABOUT THE EVENT

About DevOps Connect: Jenkins Days

 

DevOps.com brings DevOps Connect to  Washington, DC , June 14th- June 15th, 2017 at Executive Conference Training Center. This year’s event is themed around DevOps, DevSecOps and Jenkins.

Jenkins Days are sponsored by CloudBees, the Enterprise Jenkins company and feature a full range of Jenkins training, education, and learning including a keynote from DevOps Evangelist, Brian Dawson.

DevOps Connect: Jenkins Days will be a 2-day event.The first day of DevOps Connect: Jenkins Days will feature hands on training classes leading to certification in DevOps and more. See below for details.

The second day, will feature a morning of keynote speakers by leaders of the Agile/DevOps/CD space, demo theaters, exhibits and that is all before lunch is served! After lunch we will have afternoon tracks on DevSecOps, Jenkins, and DevOps Leadership. We will wrap the day up with a closing reception.

*Parking is complimentary and located in the front and rear of the center.

Address:

Executive Conference and Training Center

22685 Holiday Park Dr #60

Sterling, VA 20166

OUR GREAT SPONSORS

EVENT SCHEDULE

DevOps Connect: DevOps Express Washington, D.C Schedule

June 14th & June 15th

CLOUDBEES-JENKINS WORKSHOPS (6/14) &

EARLY BIRD CONFERENCE FULL DAY (6/15)

$499

  • Lunch included
Register

 

June 15th

EARLY BIRD
CONFERENCE FULL DAY

$79

  • Lunch included
Register

CONTACT US



*  The registered trademark Jenkins® is used pursuant to a sublicense from SPI, owner of the mark on a world-wide basis.