Sydney Branch Meeting 13th April
Join us at Maritime Union of Australia to hear from Murray Goldschmidt on Security Automation in DevOps, and Tanya Harris as she shares her talk "The Real Threat Maybe in Front of You!"
Topic 1: Security Automation in DevOps
Compared with traditional development, testing, deployment and maintenance cycles, a culture change was required to transition to agile development. This is the same culture change that extends to DevOps – a fusion of development and operational activities, eroding previous boundaries. To respond to market demand, DevOps is now firmly rooted in the modern innovative organisation.
Integrating security into DevOps is possible without sacrificing flexibility or agility. This is a strategic approach that will extend the culture change again, and it needs buy-in and advocating from your IT leaders to be implemented successfully.
As DevOps is becoming more entrenched globally, it is imperative to have simple but effective means to implement and maintain security on an ongoing basis. This presentation will deliver advanced techniques and discuss the need to secure the entire DevOps stack.
Items covered in this presentation are:
• Integrating security within DevOps
• Understanding the DevOps layers and the full stack security approach.
• The critical importance of continuous monitoring.
• Minimising third party library exposure – the supply chain problem.
• Multiple opportunities to address defects – shifting left.
• Security Scanning across the Service Delivery Lifecycle.
• Static & Dynamic Analysis integrated with Build and Integration processes.
• Network Layer Vulnerability Management across Dev, Test and Production.
This is a feature rich presentation that will provide tangible techniques to improve the security of agile development practices that can be rapidly adopted for quick wins, and longer term strategic solutions for end-to-end security.
Speaker: Murray Goldschmidt, co-founder and Chief Operating Officer at Sense of Security
Murray
Goldschmidt, is a long-time AISA member, and co-founder and Chief
Operating Officer at Sense of Security, a leading Australian Information
Security and Risk Management firm.
Along with a degree in Electrical
Engineering, Murray is a Certified Information Systems Security
Professional (CISSP) and a Payment Card Industry Qualified Security
Assessor (PCI QSA).
Over the course of his career, Murray has
gained extensive experience, including the performance of network
penetration studies, information security risk assessments, and
application security reviews.
Topic 2: The Real Threat Maybe in Front of You!
Tanya’s thought provoking content challenges how we look at Cyber Security. She will discuss growing trends, changes to legislation, including ASIC’s focus on Board Members responsibly to Cyber Security, Europe’s new GDPR laws, and why insider threat needs to be at the core of protecting data.
Insider Threat is especially important to the finance and health sector as they are at the greatest risk of being hacked, as well as Government departments and organisations that hold valuable IP.
Speaker : Tanya Harris, CEO Harrman Cyber
Tanya Harris CEO of
Harrman Cyber, a UK company that provides a comprehensive protection
against the insider threat of Cyber Security. Their platform supports
the USA NSIT and UK Cyber Essentials framework, designed by Governments
to protect business from cyber attacks.
AISA members: Please sign in to register for this event.
If you would like to become a member you can join here.
Many thanks to our sponsors
AISA thanks for sponsoring the meeting