DevOps and DevSecOps (DevOps with Security in Mind)

As organizations embrace DevOps, developers and operations work closely together to push new software out rapidly, while improving the quality and making customers happy. However, with speed comes risk. How can these teams build security into their new DevOps culture to ensure secure, high-quality software? 

This talk will first cover DevOps and close relationship between developers and operations and will introduce the security aspect wherever Information Security is at risk within a DevOps organization. 

• Development with ops in mind - Monitoring and alerting - when why and how
• Severity and urgency of incidents - How to handle devops without losing your sanity
• Using Devops tools for incident response best practices in communication during incidents
• Post Mortems/COEs/Follow Ups - Triaging and log analysis (common tools and tricks)
• Security as primary concern (DevSecOps) - Tools available, Web Application Firewalls
• Security incident response and understanding impact
• Policies and agile tools to ensure uptime and smooth operations
• Dealing with operations/security overload.