DevSecOps Day @ RSAC 2018 San Francisco

April 16, 2018

REGISTER NOW

DevOps Connect: DevSecOps Day @ RSAC 2018

Moscone South Level 3

Monday, April 16, 2018

RSAC 2018

 

DevOps.com & Security Boulevard are excited to announce the 4th annual DevOps Connect: DevSecOps Day @ RSAC 2018. Once again DevSecOps Day @ RSAC will take place on the Monday of RSAC week, April 16th. This year DevSecOps Day will be held Moscone South Level 3.

 

DevOps Connect: DevSecOps Day is free to all RSAC badge holders

Here is a code for a free DevSecOps Day/RSAC expo pass badge or $100 dollars off a full pass:

You can register using the codes above at: https://www.rsaconference.com/events/us18/register

DevOps Connect: DevSecOps Day Schedule & Agenda - Monday, April 16

DevOps Connect: DevSecOps Day will kick off at 9am at the Moscone South Level 3 on Monday April 16th. Sessions will run until 4pm that day with a 45 minute lunch break (lunch is not included) and two refreshment breaks through the day. Full schedule of sessions and speakers details are here:

AgendaSpeakers
Start End Session Title Speakers Host
9:00 9:05 Welcome and Introductions Alan Shimel
Co-founder, Editor-in-Chief, DevOps.com & Security Boulevard
Mark Miller
Senior Storyteller and DevSecOps Advocate, Sonatype
Alan Shimel/Mark Miller
9:05 9:55
Security is the Center of a DevOps World

As the rest of the DevOps culture moves farther left, security remains mired in approaches applicable for 10 year old legacy systems. The landscape has changed from “build a wall” perimeter security to an everything-is-connected ecosystem of applications, APIs, and third parties.

While there is no such thing as a default DevSecOps pipeline, there are key characteristics about the new product development methodology that can manifest as challenges for traditional security teams. Security teams must find a way to become embedded into every phase of the software supply chain, or run the risk of becoming hopelessly out of sync with contemporary software development.

Caroline Wong, Paula Thrasher, and Shannon Lietz bring decades of war stories to the table as practitioners on the frontlines of software security. Listen in as they present case studies, lessons learned, and practical tips for integrating “Sec” into DevSecOps. You will walk away from this session with practical tips on how to create your own team of internal security champions who will help you develop flexible, useful security practices that work in your current environment.

Shannon Lietz
Director, DevSecOps, Intuit
Paula Thrasher
Director of Digital Services, CSRA
Caroline Wong
Vice President of Security Strategy, Cobalt
Mark Miller

Senior Storyteller and DevSecOps Advocate, Sonatype

10:00 10:25
Evolving Your Security Mindset to Embrace DevSecOps
Under Armour has a story to tell about its DevSecOps journey. Security and agile methodologies are a critical part of that story. Bankim will discuss the cultural transformations taking place around the company’s DevSecOps initiatives, summarizing with a few lessons that will challenge people to think differently.

Bankim Tejani
Sr. Manager, Digital Product Security, Under Armour
James Wickett

Head of Research at Signal Sciences

10:25 11:15 Break Break Break
11:15 11:40
Fannie Mae’s Journey to DevSecOps

Fannie Mae partners with lenders to create housing opportunities for families across the country — and helps make the 30-year fixed-rate mortgage and affordable rental housing possible for millions of Americans. To support this mission, Fannie Mae must support robust security practices throughout the organization.

For years, Fannie Mae has aimed toward: 1) conducting cyber security assessments earlier in the development lifecycle; and 2) engaging business partners in the review and mitigation of cyber security risks. Through DevSecOps, Fannie Mae has now reached that goal — and stakeholders from development, operations, and cyber security now monitor, analyze, test, and proactively determine and fix vulnerabilities earlier in the development lifecycle.

Join us for this session to see how DevSecOps has helped to dramatically increase code quality standards and reduce the vulnerabilities at Fannie Mae.

Chitra Elango
Cyber Security Manager , Information Security, Fannie Mae
John Willis

Vice President of Devops and Digital Practices, SJ Technologies

11:45 12:10
Release the Monkeys!” and Reduce Enterprise Risk with DevSecOps

The world of DevOps presents a unique and unprecedented opportunity for Security teams to engage with developers and IT Operations to deliver high quality secure software to consumers. When Security teams integrate and collaborate with DevOps teams the entire organization reaps significant benefits.

This session will dig into the idea that “Agile” may not be agile enough in a world where external actors threaten the security and stability or organizations on a day to day basis. As new vulnerabilities are discovered quick remediation often becomes an unnecessary fire-drill. With a well-tuned, documented, and understood “DevSecOps”pipeline, vulnerabilities in both underlying operating systems and custom code bases can be resolved or mitigated quickly and re-deployed into a production environment in minutes.

If your Development teams can deploy “50 times before breakfast”, or seeks the maturity to do so, then it is essential that your business understands how rapid and continuous releases, continuous SDLC operational KPI’s, and DevOps maturity can reduce risk in your business and how introducing a bit of chaos into your resilient infrastructure brings security benefits. Join DJ as he discusses how to turn skepticism and caution of DevOps into adoption and understanding.

DJ Schleen
DevSecOps Evangelist, Aetna
Shannon Lietz

Director, DevSecOps, Intuit

12:10 01:30 Lunch Lunch Lunch
01:30 01:55
Driving Security through ReUse in Mission Critical Applications
When you handle trillions of dollars in transactions, people take notice. Supporting the non-stop nature of the global economy through these transactions is a critical role of the FRBNY.

Join this presentation to learn how the FRBNY is leveraging Re-Useable libraries and Micro-Services combined with CI/CD tooling to ensure standardization and security in its applications. We’ll review the phases of development and deployment and lessons learned which have created efficiency (and other benefits) in building and maintaining some of the banks most critical applications.

Colin Wynd
Vice President of Common Services, Federal Reserve Bank of New York
Jonathan DeRose
Assistant Vice President, Federal Reserve Bank of NYC
Derek Weeks

VP and DevOps Advocate, Sonatype

02:00 02:25
Managing Cyber Risk while Modernizing the Gaming Business
Bandai Namco, like most modern enterprises today, needs to take advantage of cloud computing and infrastructure to keep pace and gain market share. But accelerating the majority of their computing to the cloud requires visibility into the infrastructure and their security posture on a continuous basis.
In this session, we will discuss Bandai Namco’s path to cloud migration, the security and infrastructure visibility required and how they were able to get there. The talk will address how they evolved, and are evolving, their culture and approach to provide security assurance to this next phase of the business.The program requires a cultural change in how they develop and manage applications as well as extensive security and development tool rationalization. Part of the project involved identifying and effectively reporting progress and metrics. Bandai will share where they are in this journey, the wins they have had thus far and the obstacles they have addressed along the way to scale their development while deliverying security assurance to the business.
Lee Hsiao
Director of information systems Bandai Namco
Mike Kail
Cybric’s Chief Technology Officer
Damon Edwards

Co-Founder and Chief Product Officer, Rundeck

02:30 02:55
Zero to Ninety in Securing DevOps
You learn of a DevOps team. Maybe it’s skunkworks, a pilot, or a center of excellence. But there it is. Running. Working. And you have been asked to secure it. You can’t mess it up. But you’re going in blind. You have to learn quick, move fast, be careful. So what should you do in the first 90-days?

As DevOps continues to be adopted across industries, IT security and application security professionals are being asked to secure the workflow and products. And we get asked to evaluate, recommend, and implement security controls well after the DevOps team has been established. Sometimes, months or even years after the team has launched.

This talk speaks to that audience, sharing practices on how to start off strong. Approaches for building relationships, creating intuition, and becoming a trusted partner will be discussed and demonstrated. It is imperative we add security without taking away speed and agility, and the first 90-days is a crucial period.

J. Wolfgang Goerlich
VP for strategic security programs, CBI
Courtney Kissler

Vice President of Digital Platform Engineering, Nike

03:00 03:20 Break Break Break
03:25 03:50
Eat Your Veggies and Prevent Vulnerabilities
Stop taking drugs to manage issues and start taking your veggies to prevent them. The same concept applies to security. At Cigna, we strive to align the way our developers and security professionals think. We have automated our security approach and have a strong collaboration between security and development. We will discuss the journey, the challenges, how we got to taking our veggies and the benefits we achieved.

My job is to get our Security and Development team to think alike. This was not easy. The discussion will be about how we moved from Sec into CICD to Continuous security and show ROI. Obviously, the difficulty was to change the mindset of not only our developers, but also our security team.

Anaf Durrani
IT Director, DevOps, Product Engineering, Quality Engineering, Cigna
Chris Lockery
Deputy Chief Information Security Officer (CISO) at Cigna
Mark Miller

Senior Storyteller and DevSecOps Advocate, Sonatype

03:55 04:30
DevSecOps – It’s a People Thing (Panel)
Too many people in IT, especially in cybersecurity have shiny trinket syndrome. The cure for everything is always the latest tool, gadget, shiny trinket. When we talk about culture, people and teams, they give them lip service and then bag dive for their latest tools. But culture and people rule, especially in DevSecOps. If your DevOps and sec folks are not working together you are not going to succeed. In this panel we will discuss some of the roadblocks to better team functionality. What can security people do to make their jobs and lives easier? How can Dev, Ops, DevOps all work better and better understand what makes sec folk tick? Maybe we all have to take a long look in the mirror to understand that better security starts with better teamwork, better teamwork starts with people.
Stephanie Derdouri
Director Vulnerability Management, Information Security, Fannie Mae
Sandra Escandor-O’Keefe
Security Engineer at Fastly, Fastly
Jayne Groll
CEO, DevOps Institute
Chenxi Wang
Founder, The Jane Bond Project
John Willis

Vice President of Devops and Digital Practices, SJ Technologies

Alan ShimelCo-founder, Editor-in-Chief, DevOps.com & Security Boulevard

Throughout his career spanning over 25 years in the IT industry, Alan Shimel has been at the forefront of leading technology change. From hosting and infrastructure, to security and now DevOps, Shimel is an industry leader whose opinions and views are widely sought after.

Alan’s entrepreneurial ventures have seen him found or co-found several technology related companies including TriStar Web, StillSecure, The CISO Group, MediaOps, Inc., DevOps.com and the DevOps Institute. He has also helped several companies grow from startup to public entities and beyond. He has held a variety of executive roles around Business and Corporate Development, Sales, Marketing, Product and Strategy.

Alan is also the founder of the Security Bloggers Network, the Security Bloggers Meetups and awards which run at various Security conferences and Security Boulevard.

Most recently Shimel saw the impact that DevOps and related technologies were going to have on the Software Development Lifecycle and the entire IT stack. He founded DevOps.com and then the DevOps Institute. DevOps.com is the leading destination for all things DevOps, as well as the producers of multiple DevOps events called DevOps Connect. DevOps Connect produces DevSecOps and Rugged DevOps tracks and events at leading security conferences such as RSA Conference, InfoSec Europe and InfoSec World. The DevOps Institute is the leading provider of DevOps education, training and certification.

Alan has a BA in Government and Politics from St Johns University, a JD from New York Law School and a lifetime of business experience. His legal education, long experience in the field, and New York street smarts combine to form a unique personality that is always in demand to appear at conferences and events.

Anaf DuraniIT Director, DevOps, Product Engineering, Quality Engineering, Cigna - Health Services
My goal is to change the way we deliver business value. My teams do this by automating the software supply chain and deal with people who don’t want to change. I am an engineer at heart and by leveraging this experience, have been able to drive change across a 5000 person organization by starting small and then scaling.

I began my career as an engineer at Motorola working on the push to talk Nextal product. I Moved to Orbitz.com, where I deploy call centers and led projects that provided a consistent digital experience. I also played a few roles in Quality Engineering and Product Development. I then, joined Cigna to lead their DevOps journey.

Bankim TejaniSr. Manager, Digital Product Security, Under Armour
Bankim Tejani has conducted security research, assessments, training, and consulting for over a decade. His recent focus is on helping companies and government agencies integrate application security and static analysis into their software development life cycles (SDLC). Tejani is an active member of the Austin Open Web Application Security Project (OWASP) and co-founder of the Agile Austin Security SIG.
Caroline WongVice President of Security Strategy at Cobalt (www.cobalt.io).
Caroline’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), OWASP AppSec, and BSides.

Caroline was featured as an Influencer in the 2017 Women in IT Security issue of SC Magazine and has been named one of the Top Women in Cloud by CloudNOW. She received a 2010 Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner’s Guide, published by McGraw-Hill in 2011. Caroline graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences and holds a certificate in Finance and Accounting from Stanford University Graduate School of Business.

Chenxi WangManaging General Partner, Rain Capital
Dr. Chenxi Wang is the founder of the Jane Bond Project, a Cybersecurity consultancy. She is a strategic partner at IT Security Planet and serves on the advisory board of various startups. Previously, Chenxi served as the Chief Strategy Officer at Twistlock, responsible for corporate strategy and thought leadership.

Chenxi is the 2016 & 2017 program co-chair for Security & Privacy at the Grace Hopper Conference and was named by SC Magazine as a 2016 Women of Influence. Prior to Twistlock, Chenxi built an illustrious career at Forrester Research, Intel Security and CipherCloud. At Forrester, Chenxi covered mobile, cloud and enterprise security, and wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms.

Chenxi started her career as a faculty member of Computer Engineering at Carnegie Mellon University. Chenxi is a sought-after public speaker and a trusted adviser for IT executives. She has been quoted/featured by New York Times, Wall Street Journal, Forbes.com, Fox Business News, Bloomberg, Dark Reading and many other media outlets. Chenxi holds a Ph.D. in Computer Science from the University of Virginia

Chitra ElangoCyber Security Manager , Information Security, Fannie Mae
Chitra Elango is a Senior Cyber Security Manager leading the Application Security program at Fannie Mae. Before moving into Application Security field, she had 15+ years of experience as a software developer, which gives her insight into how development teams operate at Fannie Mae. This enabled her to play a key role in introducing security to the existing service delivery pipeline and establishing a true DevSecOps model at Fannie Mae that supports greater business agility and provides assurance in the overall security of the delivered product.

Chitra was a driving force in aligning software security and business needs by empowering and enabling developers to identify software security vulnerabilities during active development cycles.

 

Chris LockeryDeputy Chief Information Security Officer (CISO) at Cigna
Colin WyndVice President of Common Services, Federal Reserve Bank of New York
Colin Wynd is the Vice President & Head of Common Services at the Federal Reserve Bank of New York and has responsibility overseeing multiple teams including the development of Common Micro-Services, Frameworks, Digital Experience, DevOps, Engineering and Enterprise Data Management. Common Services acts as an internal software company within the Federal Reserve Bank of New York and provides products, services, consulting and training to various groups within the Federal Reserve System. The group is responsible for changing the way the Federal Reserve System thinks about building and delivering applications.

Colin is also a frequent speaker at various industry events. Previously Colin was a partner in TRG, a boutique consulting firm in New Jersey, focused on delivering solutions to a variety of businesses based in the tri-state area. He started his career at Hewlett-Packard in the UK. Originally from Scotland, Colin holds a B.S in Computing Science from the University of Glasgow.

Courtney KislserVice President of Digital Platform Engineering, Nike
Courtney is the Vice President of Digital Platform Engineering at Nike. Her teams are accountable for building a re-usable seamless platform to power Nike Direct to Consumer experiences. She is leading the teams accountable for core commerce services, user services, consumer data engineering and global retail solutions.

Prior to that, Courtney was the VP of Retail Technology at Starbucks. She was accountable for the global POS and retail store technology experiences. Prior to Starbucks, Courtney spent 14 years at Nordstrom with her last role being the Vice President of E-Commerce and Store technologies where she drove a technological transformation essential for outpacing the demands of today’s Omnichannel consumers. She was accountable for program management, delivery, and support for all customer facing technologies including in-store, Web, and mobile touch points. Courtney joined Nordstrom as a security engineer in 2002 and held a variety of leadership roles across the technology organization.

Courtney is a graduate of Eastern Washington University with a B.S. in Computer Information Systems and worked at two startups, CyberSafe and WorldStream Communications, prior to joining Nordstrom.

 

Damon EdwardsCo-Founder and Chief Product Officer, Rundeck
Damon Edwards is a Co-Founder and Chief Product Officer of Rundeck, Inc., the makers of Rundeck, the popular Operations as a Service platform. Damon Edwards was previously a Managing Partner at DTO Solutions, a DevOps and IT Operations improvement consultancy. Damon has spent over 15 years working with both the technology and business ends of IT operations and is noted for being a leader in porting cutting-edge DevOps techniques to large enterprise organizations. Damon is a frequent conference speaker and writer who focuses on DevOps and operations improvement topics. He is active in the international DevOps community, including being a co-host of the DevOps Cafe podcast, an early core organizer of the DevOps Days conference series, and a content chair for Gene Kim’s DevOps Enterprise Summit.
Derek WeeksVP and DevOps Advocate, Sonatype
Derek is a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation.

Derek is the co-founder of All Day DevOps — an online community of 40,000 IT professionals, and the lead researcher behind the annual State of the Software Supply Chain report for the DevOps industry. In 2018, Derek was recognized by DevOps.com as the “Best DevOps Evangelist” for his work in the community.

DJ SchleenDevSecOps Evangelist, Aetna
DJ is a DevOps Security Architect at a large healthcare organization, assisting them though their journey of digital transformation and containerization. He specializes in automating security controls in DevOps environments and is a hacker by training – doing significant R&D work in mobile Security, ethical Hacking and penetration Testing.

As an expert in Application Lifecycle Management (ALM) and ITIL, DJ has worked to streamline development pipelines for many Fortune 100 organizations He is active on the speaker circuit and most recently gave a talk at RSAC 2017 in San Francisco that focused on security automation and the advantages of continuous delivery.

 

 

J. Wolfgang GoerlichVP for strategic security programs, CBI
J Wolfgang Goerlich provides strategic guidance for securing development and DevOps programs in the healthcare, education, financial services, and energy. He is currently with CBI, a cyber security consultancy, as the VP for strategic security programs. Wolfgang also leads the CBI Academy teams, providing mentoring and coaching to the junior-level talent. Prior roles included VP for a managed security services provider, VP for an IT firm specializing in high speed high secure networks, and IT security officer and manager for a financial services firm. He is an active part of the security community; co-founding the Converge Detroit and organizing the BSides Detroit conferences. Wolfgang regularly advises on and presents on the topics of secure development life cycle, DevOps, risk management, incident response, business continuity, and more.
James WickettHead of Research at Signal Sciences
James Wickett is the Head of Research at Signal Sciences, a web protection platform that high performing DevOps teams love. He is the author of the most popular courses on DevOps topics in the Lynda.com and LinkedIn Learning platforms. James lives in Texas and has helped run DevOps Days Austin for the last six years. In his spare time he is trying to make a perfect BBQ brisket. Follow him @wickett @signalsciences
John WillisVice President of Devops and Digital Practices, SJ Technologies
John Willis is Vice President of Devops and Digital Practices at SJ Technologies. Prior to SJ Technologies, John was Director of Ecosystem Development for Docker, he joined Docker when the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired in March 2015.

Prior to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is co-author of the “Devops Handbook” along with authors Gene Kim, Patrick Dubois and Jez Humble.

The best way to reach John is through his Twitter handle @botchagalupe.

 

Jonathan DeRoseAssistant Vice President, Federal Reserve Bank of NYC
Jonathan R. DeRose is a Solution Delivery Officer in the Technology Group at the Federal Reserve Bank of New York. His current responsibility is within Common Services, overseeing development of Common Components & Frameworks, Development Services, and User Interface/Experience.

 

Lee HsaioDirector of information systems Bandai Namco
Lee Hsaio has been the director for information systems at Bandai Namco for over 17 years. He is responsible for security and operations and has been recently focused on accelerating Bandai Namco’s DevOps and DevSecOps efforts. This includes strategy, tool rationalization and ensuring security is tightly integrated into the development tool chain. He holds a degree from Washington University in St. Louis.
Sandra Escandor-O’KeefeSecurity Engineer, Fastly
Sandra Escandor-O’Keefe is a Security Engineer at Fastly, where she conducts security reviews for core infrastructure, and analyzes the design of the network to help ensure that Fastly can provide a secure edge for the biggest online platforms in the world. Before joining Fastly, Sandra was a software developer with experience in low-level software development using C/C++. Sandra has a B.Eng in Electrical and Biomedical Engineering from McMaster University.

 

Mark MillerSenior Storyteller and DevSecOps Advocate, Sonatype
I build massive online community projects. The most recent project is as co-founder of All Day DevOps, with 32,927 registrations.

Malcom Gladwell would call me “A Connector”. Wherever I go, one of the things I am most happy with is the ability to introduce people to each other, making connections where they didn’t previously exist. I’ve done this on every continent in the world as part of an ongoing desire to see connections where other people see differences.

My main expertise is in developing and supporting live online communities built around specific market verticals. These online communities bleed over into the real world, where relationships are strengthened and expanded. I look forward to becoming a part of your network.

Mike KailCybric’s Chief Technology Officer
Mike Kail is Cybric’s Chief Technology Officer. Previously, he served as Yahoo’s CIO and SVP of Infrastructure and as VP of IT Operations at Netflix. He has been recognized widely for his insightful industry commentary on Twitter, and was named by the Huffington Post as one of the “Top 100 Most Social CIOs on Twitter.” He holds a B.S. in Computer Science from Iowa State University.
Paula ThrasherDirector of Digital Services, CSRA
Paula is the Director of Digital Services at CSRA and leads the Agile, Testing, User Experience and DevOps centers of excellence delivery organizations. She has over 18 years’ experience in information technology and works in the federal market leading agencies and teams towards Agile and DevOps. Paula’s first Agile project was in 2001, since then she has led 20+ programs and projects as an Agile developer, technical lead, Scrum master, or Agile coach. Her teams have helped three separate federal agencies migrate applications to Amazon AWS GovCloud, and done some other amazing DevOps ninja work along the way.

Improvements experienced on Ms. Thrasher’s current program include increasing quantity of deployments by 220%, completing 18 months of backlog in 12 weeks, increasing quantity of features delivered by 30%, and using increasing automation around test and verification to accomplish 6 FTE worth of testing effort per 1 FTE. Last year she co-authored the paper Tactics for Leading Change with other industry leaders for IT Revolution and the DevOps Enterprise Forum.

Paula holds a B.S. in Statistics from Carnegie Mellon University and is a Certified Scrum Master (CSM) and a Project Management Professional (PMP), but prefers learning new things through experience and working with smart people.

 

Shannon LietzDirector, DevSecOps, Intuit
Award winning leader in security innovation with experience developing emerging security programs for Fortune 500 companies: Intuit, ServiceNow, Sony, Sempra Energy, Savvis, Cable and Wireless, 99 Cents Only, Exodus, Bank of America, among others internationally. Received the Scott Cook Innovation Award in 2014 for developing and cultivating a world class Cloud Security Program that allows for sensitive data to be protected in AWS.

Ms. Lietz is currently the Director of DevSecOps for Intuit where she is responsible for setting and driving the company’s Cloud Security Strategy, Roadmap, and full-scale Program in support of corporate innovation. She has previous experience as a Master Security Architect, an Entrepreneur, and often volunteers to educate on security topics. Ms. Lietz is a passionate DevSecOps and Rugged evangelist.

Stephanie DerdouriDirector Vulnerability Management, Information Security, Fannie Mae
Stephanie Derdouri operates as Fannie Mae’s Director of Vulnerability Management, ensuring the organization is protected against information security vulnerabilities that could jeopardize Fannie Mae’s mission of providing support to homebuyers. Derdouri oversees Fannie Mae’s Application Security (AppSec) and the Vulnerability Threat Management (VTM) teams that perform application security assessments, vulnerability scanning, and facilitate network penetration and data exfiltration testing.

Experience: Previous to her time at Fannie Mae, Stephanie worked for a.i. Solutions and led the NASA Headquarters Risk Management and Federal Compliance Team to develop and apply strategies to manage cybersecurity risks. She has also worked as a Security Analyst for the U.S. Department of Justice, where she honed and exercised her expertise in information security and vulnerability management.

Education: Derdouri has earned a Bachelor of Science degree in computer science from The George Washington University and a master of science in information systems engineering from Johns Hopkins University.

No Wine-ing DevSecOps Cocktail Party - Monday 4:30pm @ Jillians

Following the day sessions, the 5th annual No Wine-ing DevSecOps Cocktail party will take place @ Jillians, San Francisco, 4:30pm till 6pm, down the block from the Marquis. Registration for the No Wine-ing event is required and attendance is free. Register here.

DevSecOps: The Road to Better, Faster and Stronger - Tuesday 11:45am @ Jillians

The DevSecOps: The Road to Better, Faster and Stronger – Panel and Luncheon, featuring an all star lineup of DevSecOps experts will take place on Tuesday, April 17th, 11:45am, again @ Jillians. The panel will be based on the 2nd annual Security @ the Speed of DevOps reports by George Hulme. Once again admission and lunch are free, but registration is required. Printed copies of the report will be available to attendees. Register Now.

Sponsorships Available

Sponsorships for DevOps Connect: DevSecOps Days @ RSAC 2018 are almost sold out. There are just a few sponsorships open. If interested write to DevSecOpssponsor@devops.com