4–7 Nov 2019
Please log in

Prioritizing trust while creating applications

Jennifer Davis (Microsoft)
14:2015:00 Wednesday, 6 November 2019
Location: R2
Average rating: ****.
(4.50, 2 ratings)

Who is this presentation for?

  • Operations engineers, SREs, and developers

Level

Intermediate

Description

Managing risk needs to scale as your product grows in popularity and complexity. In traditional software development, security was often treated as a last gating factor at best and post-incident concern at worst. You need to shift your security processes left—in other words, earlier in the development lifecycle. The cost of applying security practices too late can be catastrophic to a company, leading to the loss of customer trust and affecting the bottom line.

Join Jennifer Davis to gain an overview of security tools and practices to adopt, including the CIA triad and why security matters, motivations of attackers, core foundation practices, defense in depth, threat modeling, making choices in your architecture based on operational concern, testing code, coding standards, securing code reviews, handling incidents, and advanced practices such as bug bounty problems, capture the flag, and red team exercises.

What you'll learn

  • Learn how to leverage security tools
  • Discover recommended practices that enable everyone to play a part in securing your application from discovery to operation
Photo of Jennifer Davis

Jennifer Davis

Microsoft

Jennifer Davis is a cloud operations advocate at Microsoft. Previously, she was a principal site reliability engineer at RealSelf and developed cookbooks to simplify building and managing infrastructure at Chef. Jennifer is the coauthor of Effective DevOps and speaks about DevOps, tech culture, and monitoring. She also gives tutorials on a variety of technical topics. When she’s not working, she enjoys learning to make things and spending quality time with her family.

  • Oracle Cloud Infrastructure
  • Cloudflare
  • JFrog
  • Akamas
  • Aqua Security Software
  • Fastly
  • Google
  • Instana
  • JetBrains
  • LaunchDarkly
  • LightStep
  • OVHcloud
  • SignalFx
  • VictorOps
  • Wayfair
  • Blameless
  • Chronosphere
  • FusionReactor
  • humanitec
  • replex GmbH
  • StackState
  • Datadog
  • GitLab
  • Gremlin
  • StormForger
  • SysEleven GmgH
  • Vamp.io

Contact us

confreg@oreilly.com

For conference registration information and customer service

partners@oreilly.com

For more information on community discounts and trade opportunities with O’Reilly conferences

velocity@oreilly.com

For information on exhibiting or sponsoring a conference

pr@oreilly.com

For media/analyst press inquires