Wednesday, February 8, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About Us
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • Gamifying Security
  • Super Bowl Cybersecurity: Safeguarding Your Viral Moment
  • How to Implement CIEM – A Checklist
  • APOLLO Insurance Ends Competitive Price Scraping With DataDome
  • Lunch and Learn: How to Introduce Cyber Risk Quantification (CRQ) to Your Organization
Application Security Cloud Security DevOps Events Security Bloggers Network 

Home » Cybersecurity » Application Security » Infosecurity Europe Preview: Shifting Left – Integrated Container Security and DevSecOps

SBN

Infosecurity Europe Preview: Shifting Left – Integrated Container Security and DevSecOps

by Ben Layer on May 27, 2018

There is little doubt that DevOps philosophies have been taking over in many different types of organizations, providing the advantages of faster time to market as well as greater flexibility and resiliency.

TechStrong Con 2023Sponsorships Available

You’ve probably heard about shifting security to the left or of the need to inject security into each step of the DevOps cycle. But why do we need so much security, how are we supposed to fit it in and just where is “the left”?

This year at Infosecurity Europe 2018, I’ll be discussing these topics in my talk “Shifting Left: Integrated Container Security and DevSecOps,” which you can find in the Tripwire booth theater at stand E50.

A slogan of the DevOps movement is to “Move Fast and Break Things,” striking fear into the hearts of traditional IT and security professionals.

Modern teams are moving fast by combining elements of software development and system administration. This rapid delivery is a huge advantage in the midst of a demanding and competitive market, but it can also introduce new risk and vulnerabilities if security is compromised for speed.

Effective DevSecOps requires a mix of modern tools and methods with foundational security controls.

For example, build systems, containers and orchestration tools can be used together with more traditional security mechanisms, such as file integrity monitoring, access control and vulnerability management.  Implementing controls and security features from the start provides a layered defense against even the most agile attackers. This allows for the advantages of DevOps without sacrificing your organization’s security.

In my presentation, I’ll discuss some of the ways Tripwire can help in the pursuit of a robust DevSecOps practice. I’ll be diving into the Container Analyzer Service, a new offering providing an integration point for vulnerability management of Docker images within your build pipeline. The (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ben Layer. Read the original post at: https://www.tripwire.com/state-of-security/security-awareness/events/infosecurity-europe-preview-shifting-left-integrated-container-security-and-devsecops/

May 27, 2018May 27, 2018 Ben Layer containers, DEVOPS, events, security
  • ← GIAC Certifications Overview
  • The Shared Security Podcast Weekly Blaze – Real-time Location Tracking, VPNFilter Router Malware, Apple’s GDPR Updates →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows
TSTV Podcast

Subscribe to our Newsletters

Most Read on the Boulevard

Fortinet Adds Services to Help Close Cybersecurity Skills Gap
Dutch Cops Bust ‘Exclu’ Messaging Service, Arrest 42
ChatGPT-Written Malware Will Change the Threat Landscape
How Data Governance Policies Impact Cybersecurity
Hunter Biden’s Laptop Revisited: What it Means for Cloud Storage
Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership
GUEST ESSAY: The common thread between China’s spy balloons and Congress banning Tik Tok
Digital Trust Digest: This Week’s Must-Know News
USENIX Security ’22 – Pratik Vaishnavi, Kevin Eykholt, Amir Rahmati – ‘Transferring Adversarial Robustness Through Robust Representation Matching’
Dynamic Approaches seen in AveMaria’s Distribution Strategy

Upcoming Webinars

Mon 13

AI in Machine Learning

February 13 @ 1:00 pm - 2:00 pm
Wed 15

Understanding Cyber Insurance Identity Security Requirements for 2023

February 15 @ 11:00 am - 12:00 pm
Wed 15

Where Will DevSecOps ‘Shift’ Next?

February 15 @ 1:00 pm - 2:00 pm
Tue 21

Headwinds, Crosswinds and Tailwinds: Securing the Cloud in Turbulent Times

February 21 @ 1:00 pm - 2:00 pm
Wed 22

3 Steps to Software Supply Chain Security Success in 2023

February 22 @ 1:00 pm - 2:00 pm
Tue 28

SaaS-Based Container Networking and Security on Amazon EKS

February 28 @ 11:00 am - 12:00 pm
Mar 20

Software Supply Chain Security

March 20 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

7 Must-Read eBooks for Security Professionals

Industry Spotlight

Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology
Analytics & Intelligence API Security Application Security Cloud Security Cloud Security Cybersecurity Data Security DevOps Editorial Calendar Endpoint Featured Humor Identity & Access Incident Response Industry Spotlight IOT IoT & ICS Security Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Security Operations Software Supply Chain Security Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology

February 3, 2023 Richi Jennings | Feb 03 0
‘Finish Him!’ US Kills Huawei With Final Tech Ban
AI and Machine Learning in Security AI and ML in Security Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Industry Spotlight IOT IoT & ICS Security Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Finish Him!’ US Kills Huawei With Final Tech Ban

February 1, 2023 Richi Jennings | Feb 01 0
US No-Fly List Leaked via Airline Dev Server by @_nyancrimew
Analytics & Intelligence API Security Application Security Cloud Security Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

US No-Fly List Leaked via Airline Dev Server by @_nyancrimew

January 23, 2023 Richi Jennings | Jan 23 0

Top Stories

6clicks Taps GPT-3 to Automate Writing of GRC Controls
Cybersecurity Featured Governance, Risk & Compliance News Security Awareness Security Boulevard (Original) Spotlight 

6clicks Taps GPT-3 to Automate Writing of GRC Controls

February 8, 2023 Michael Vizard | 4 hours ago 0
Splunk: Cybercriminals Use These Types of TTPs
Cybersecurity Featured Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

Splunk: Cybercriminals Use These Types of TTPs

February 7, 2023 Michael Vizard | Yesterday 0
Dutch Cops Bust ‘Exclu’ Messaging Service, Arrest 42
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Dutch Cops Bust ‘Exclu’ Messaging Service, Arrest 42

February 6, 2023 Richi Jennings | 2 days ago 0

Security Humor

Robert M. Lee's & Jeff Haas' Little Bobby Comic - 'WEEK 418’

Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 418’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.