Looking for a specific timezone? We have it covered...
Wednesday, October 17 • 9:30pm - 10:00pm
Shift Up - Continuous Security & Feedback Loop In Production

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

DevOps engineering culture demands deploying code at lightning speeds. Speed equals to carelessness. And carelessness may lead to breach.

This talk is an introduction to shift up paradigm, think of it as shift left on steroids for production. Shift up enables an organization with identifying and remediating insecure code running in production including security gaps within infrastructural stack. Attack, yes you read it right attack, your own network by generating chaos and even running defensive dynamic security testing. In turn validate effectiveness of layered protective measures against application code and monitor transnational flow. By the virtue of this talk, I will attempt at answering the age-old question of, is there a necessity to integrate security technologies tools such as runtime application self-protection (RASP) or is WAF as effective tool. And last but not the least, building capabilities such as identifying external-facing assets in continuous manner and monitoring them throughout its lifecycle. All these learning from shift up capabilities in turn provides us with a feedback loop between AST tools (SAST, DAST, IAST, MAST) and layered defenses in production. This learning constantly helps us enhance protective shield against evolving attacks and ultimately gaining IT utopia.

avatar for Swapnil Deshmukh

Swapnil Deshmukh

Security Evangelist
Swapnil has more than a decade of experience in enterprise cybersecurity, including technical leadership positions in Fortune 500 financial services firms. He is a subject matter expert in the application, cloud and emerging technologies security domains. Swapnil is a co-author of... Read More →

Wednesday October 17, 2018 9:30pm - 10:00pm EDT
Live, Online