SIGS Special Interest Group
4th DevSecOps Forum

Save the DateClick on the .ics file to save the date

Target Audience Professionals which are interested in the topic DevSecOps

From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in this topic in their daily job) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.

CPE Credits Earn 4 CPE (Continuing Professional Education) for attending this SIGS forum. Please request a confirmation.
Location (tbd)

Date of Event 25th of June 2019
Further planned date for 2019: 10th of October and 3rd of December 2019
Language English
Participation Costs This time for free – sponsered by Swisscom
Organization, presentations, beverages and apéro riche included

 
Agenda

 

1:30 – 2:00 pm Registration & Coffee
2:00 – 2:00 pm Welcome from the moderator
2:00 – 2:30 pm Manuel Jeckelmann, Security Architect at Swisscom

DevSecOps – Integrated Security Automation
DevOps changes not only the behavior of Development and Operations teams, it also has a big impact on enabling or governance functions. With a focus on security we’ll shed some light on the core aspects that are changing and how to change from a vertical towards a horizontal perspective on product delivery thanks to investments into automation solutions.

2:30 – 3:00 pm Jens Kober, IT Architect at Information Service Center ISCeco

(Details will follow)
.

3:00 – 3:30 pm Aarno Aukia, CTO at VSHN AG

Automated Server Administration for DevSecOps
How to reduce costs and improve security by automating system administration processes: experience report managing 1200 fully automated servers.

3:30 – 4:15 pm Break
4:15 – 6:00 pm Workshop I (strategic sessions/talks)
by Thomas Schaefer, CISO Office at Mobiliar AG

KPIs for managing and optimizing DevSecOps success
We need to adjust DevOps to include security. With high profile breaches it’s clear that simply guarding the borders is not enough. By adding security to a DevOps program, the relevant stakeholders will be forced to think about security in a more granular way – already during the portfolio management or latest at the start of the software development process, rather than as an afterthought. That’s what we are working on at Mobiliar.

Unfortunately in a DevOps environment bringing business and IT close together, accountability for doing so is not always obvious. Business sets the priorities, the CIO leads the architecture, development and operations teams and there is additionally a security team, sometimes also lead by the CIO. But how to get all the relevant stakeholders on your side so they will direct their teams and enforce security for the sake of the enterprise?

You have to start with risk. By keeping the focus on risk, CIOs will help the business understand how IT can contribute to breaking into a new market or experimenting with a new type of analytics — as well as how IT can minimize the potential dangers of doing so. In addition, CISOs need to make DevSecOps a priority.

In this session we will discuss some KPIs which can help align both, security and nonsecurity stakeholders as to where, why, and how security fits into the process and can help align both security and nonsecurity stakeholders.

4:15 – 6:30 pm Workshop II (technical sessions/talks)
by Aarno Aukia, CTO at VSHN AG

OpenShift/Kubernetes/Docker: IT Governance and Security Architecture
Exchange of experiences on IT security in the container environment and application delivery pipelines, storage volume management, backups, networking/firewalling/WAF, cluster lifecycle management and monitoring. How can we fulfill these requirements with IT Governance?

6:00 – open end Apéro Riche and Networking (therefore reserve as well the evening!)
The speakers will be onsite for Q&A.

 


The Sponsors of this event are:

Host Sponsor Co-Sponsor

Registration

This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!


With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it for use with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.

Earn CPE Credits for
attending SIGS Events
 

Registration here!