Build resilient systems at scale
October 12–14, 2015 • New York, NY

Securing the heart of automated infrastructure - why security is DevOps

Jamesha Fisher (GitHub)
2:10pm–2:50pm Wednesday, 10/14/2015
Location: Nassau Suite
Average rating: **...
(2.33, 9 ratings)
Slides:   external link

Prerequisite Knowledge

A beginner’s knowledge of Chef is needed but not required. Also, a familiarity with servers and cloud. Otherwise, this is a pretty straightforward talk.

Description

DevOps is an amazing cultural movement that is leading the tech world by storm. However, there are also a lot of companies out there wanting to go about it in a secure way. They don’t know where to start, what to consider, or what to anticipate in the process. Some are operations and development teams who have security putting up barriers. Security just wants to make sure they get things right, but can’t relate to Operations and development. So, that’s the audience I hope to help. DevOps actually can include security, and I will demonstrate it through a deployment of Chef Server, with special stories from my own experience.

My talk goes through the following:

  • Why security is important to DevOps
  • How the information security triad relates to DevOps
    *Availability
    *Integrity
    *Confidentiality
  • Deployment of Chef Server with the information security triad
    *Planning
    *Testing (with Short Demo)
    *Deployment
Photo of Jamesha Fisher

Jamesha Fisher

GitHub

Jamesha Fisher is a security operations engineer at GitHub. Jamesha has worked in the tech industry for over 10 years, with a special interest in security. Graduating with a degree in information assurance and security engineering, she lent her experience to operations and systems engineering at companies like Google and CloudPassage. In her spare time, Jamesha is a maker of things musical or delicious and objects that use binary numbers.

Stay Connected

Follow Velocity on Twitter Facebook Group Google+ LinkedIn Group

Videos

More Videos »

O’Reilly Media

Tech insight, analysis, and research