Location: Live, Online
Date created: May 21, 2020
In the past few years, security integration within the DevOps pipeline has given rise to the idea of DevSecOps. Once seen as the bottleneck and inhibitor of the development and deployment process, security has become an integral part of the movement towards automation and the removal of manual oversight enforcement. As stated in the DevSecOps Manifesto, “We must adapt our ways to ensure data security and privacy issues are not left behind because we were too slow to change.”There are many practitioners in the field who are pushing forward with the idea of creating a secure application development pipeline, with security integrated from conception through deployment. In the inaugural DevSecOps Day at RMISC Conference 2020, you’ll hear stories from those practitioners, explaining how they made the cultural transformation from legacy development and deployment processes to integrated systems that include security as a part of the process, not as an overseer or bottleneck to secure application development.This series of first person talks will give you a perspective on how you and your team can enable faster application development with more rapid deployment to production, while integrating security into your DevOps initiatives.NOTE: We have a strictly enforced “No Vendor” policy. This includes companies providing technology tools, services and consulting. Submissions from vendors will be immediately rejected. Presentation RestrictionsWe have a strict “No vendor pitches” policy. We are looking for practitioners who can tell their story and help others see the path ahead. If you are a vendor, consultant or company who sells services or products, encourage your clients to tell their storyHow Submissions are EvaluatedWe are looking for practitioners to discuss the unique challenges of adopting security into the DevSecOps pipeline, the obstacles to security being a contributing and valued partner in DevOps and the ways to overcome them. Specific topics we are looking for include, but are not restricted to:How did you get senior management buy-in? What did you do? How did you quantify the business value?Examples of security teams being integrated into the CI/CD or DevOps processHow did you overcome objections inside the organization?How did you design and implement effective controls to mitigate security risks?Which business area (and application) did you start with, why, and what did you do?What were the top challenges, and how did you overcome them?What were your top mistakes, and what advice would you give as a result?In-progress stories (and even Epic Failures of DevSecOps) are welcome!Submission GuidelinesSpeaking slots are 25 minutes.Attendees must be able to use the bulk of the presentation’s lessons without buying or using a particular tool or service (talk about the practice and solution, not about the tool or vendor)While we love consultants and vendors (they’re some of our favorite people!), we are looking for stories from the organizations adopting these practices.Each submission should end by communicating the core value in your message: how did you get security integrated into your DevOps initiative and what value did it provide to your project.
Date conference starts: Tue Jul 14, 2020
Date conference ends: Tue Jul 14, 2020
Date CFP opens: May 1, 2020
Date CFP closes: Jun 15, 2020