Foundation of cloud native security: from building security to effective auditing
2 videos • 22 views • by Cloud Computing Global Community How to embed security into your pipeline - Dirk Herrmann, Systems Engineering @ Palo Alto Networks Cloud Native software development principles have fundamentally changed the way modern IT organizations work. Teams who have operated in silo in the past, are now working more closely with each other, with developer teams owning the entire stack and lifecycle. In these scenarios, automation has become more critical than ever before. This includes building, testing, deploying and operating applications at scale and at a high frequency. Security and compliance needs to be treated the same way and cannot be an after-thought or slow down development or deployment. In this webinar we will provide examples of how to embed a variety of security and compliance practices into a fully automated pipeline, from the perspective of development and security teams. Join us to learn more about how you can secure your entire application lifecycle, starting as early as possible, putting into practice “shift left” without making compromises on security and compliance. Dirk Herrmann Bio: Dirk Herrmann is manager of Systems Engineering for Palo Alto Networks in the EMEA region. Bringing more than a decade of experience and DevSecOps insight, Dirk helps customers leverage Palo Alto Networks solutions to secure their cloud environments. Dirk is passionate about open source and emerging technologies. Before joining Palo Alto Networks, he worked for Red Hat in the field as well as the product and technology organization, and as a product manager for Red Hat Quay, Quay.io and OpenShift. He’s the author of ‘10 Steps to Build an SOE’, the guide for Satellite 6, as well as the guy behind the Red Hat Container Catalog and Container Health Index. Since June 2020, he has run the EMEA Systems Engineering team for Prisma Cloud at Palo Alto Networks. Cloud, IT, and DevSecOps. How to gain control by letting go. Peter van Eijk, IT teacher, trainer, and consultant Cloud and DevOps are revolutionizing the development of IT. Entire enterprises are adopting a cloud-first strategy or even moving all their data centers to the cloud. This shifts a lot of responsibilities to the cloud providers but does not make it go away. On the contrary, IT is more complicated than ever. So how to control your IT by letting go? The Cloud Security Alliance and ISACA have collected best practices in the Certificate of Cloud Security Knowledge (CCSK) and the Certificate of Cloud Auditing Knowledge (CCAK). The webinar will discuss the major topics in cloud security and cloud audit and gives some pointers for additional resources. Peter van Eijk Bio: Peter van Eijk is a very experienced IT teacher, trainer, and consultant. He is one of the most experienced Certificate of Cloud Security Knowledge (CCSK) trainers. He was part of the team to develop the Certificate of Cloud Auditing Knowledge (CCAK). Peter is also part-time Associate Professor Cyber Security and Cloud at Hogeschool Utrecht, where one of his projects is to develop a Cyber Range as a service.