The advent of the cloud has brought a number of changes to the world, enabling a new level of agility and capability for organizations that was previously only accessible to elite technology companies. Now, any business has access to world-class infrastructure and scale with just a few clicks or API calls, creating a vehicle for new ideas and services to spring forth into the world. However, with this great power came great responsibility — security responsibility.
In traditional operating environments, perimeter security controls and pervasive appliance-based security tools dominate the conversation. When the control of complex infrastructure moved outside IT and outside the company datacenter, however, the methodology by which we secure infrastructure changed forever:
There are also exciting new capabilities that never existed before — on-demand scaling, microperimeterization of security controls, per-resource granular security policies, and much more that can be used advantageously in complex environments. These controls can be tightly integrated to your CI/CD pipeline and become operationalized much like monitoring, APM, and other tools that DevOps teams live by. We’ll explore how to integrate the ecosystem of technologies to create a true SecDevOps practice.
Tim co-founded Evident.io to help others avoid the pain he endured when helping Adobe adopt the cloud at a massive level. After years of building, operating, and securing services in AWS, he set out to make security approachable and repeatable for companies of all sizes.
Tim led technology teams at Adobe, Ingenuity, Ticketmaster, and McAfee.
15+ years security experience
8+ years AWS security experience
3 years successfully defending the Adobe AWS infrastructure from inception to production
AWS Certified Solutions Architect