CALL FOR SPEAKERS IS OPEN
- Event: DevOps Connect: Rugged DevOps
- Location: RSA Conference 2017, San Francisco, CA
- Date of DevOpsSec: Monday, February 13th, 2016
- Time: 9:00am to 5:00pm, PST
Over the last few years the tide known as DevOps has been washing over the entire IT space, including security. Events like Gene Kim’s DevOps Enterprise Summit have showed us beyond a doubt that DevOps is not just for Internet startups (unicorns), but it’s for large complex, and highly regulated organizations (horses) such as Disney, Capital One, Macy’s, GE, Nordstrom, Target, U.S. Citizenship and Immigration Services at DHS, and many, many more.
DevOps and “continuous everything” is profoundly changing the entire software supply chain. Our goal is to show how the fittest in InfoSec are adapting and what lessons we can learn to help us all adapt. The purpose of DevOps Connect: Rugged DevOps is to assemble the best practitioners who are forging how InfoSec integrates into DevOps, to grow the tribe, and to build relationships and collaborations with DevOps leaders and luminaries outside of the security “Echo Chamber”.
Objectives of DevOps Connect: Rugged DevOps at RSAC 2017
For 2017, we have the following goals:
- bring the best and brightest of the DevOps and InfoSec communities together
- share and codify effective patterns and practices, for mutual growth and benefit
- for new-comers, demystify the DevOps foundational concepts that every InfoSec practitioner needs to know
- capture the failures and toughest problems facing our industry, and mobilize to solve them
Thank You for your Support
Thank you in advance for your interest and support of this project. We look forward to reading your proposal!
Josh Corman, Gene Kim, Mark Miller & Alan Shimel
How Submissions are Evaluated
We are looking for speakers to discuss the unique challenges of adopting DevOps in the enterprise, the obstacles to security being a contributing and valued partner in DevOps and the ways to overcome them. Specific topics we are looking for include, but are not restricted to:
- How did you get senior management buy-in? What did you do? How did you quantify the business value?
- Examples of security teams being integrated into the CD or DevOps process
- How did you overcome objections inside the organization?
- How did you design and implement effective controls to mitigate security risks?
- Which business area (and application) did you start with, why, and what did you do?
- What were the top challenges, and how did you overcome them?
- What were your top mistakes, and what advice would you give as a result?
- In-progress stories (and even nightmares) are welcome!
- Speaking slots are 20 minutes.
- Attendees must be able to use the bulk of the presentation’s lessons without buying or using a particular tool or service.
- While we love consultants and vendors (they’re some of our favorite people!), we are looking for stories from the organizations adopting these practices. We are prioritizing practitioner presentations (or joint ones with their game changing consultant/vendors).
- You can submit up to three talks for the conference. No spamming.
- Each submission should end with a slide communicating three things:
- A specific challenge you could use help with (people, process, or technology).
- A specific offer of how you could help other attendees (people, process, or technology).
- If you could wave a magic wand and get any change you want from the DevOps and “continuous everything” software supply chain you depend upon, what would it be and why?