March 26-29, 2018 - Los Angeles, CA
Click Here For Information & Registration
Back To Schedule
Wednesday, March 28 • 11:15am - 12:05pm
Secure DevOps - Luke Hinds, Red Hat

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
DevOps allows fast automation of every part of a software's life cycle from a unit test to an entire NFV cloud deployment. If we boil down DevOps to its components, DevOps is no more then a chosen set of tools, coupled with scripts and config files and realised as a unified methodology.

As with any powerful tool set, there are inherent risks around security. These are also not just theoretical risks, many large scale corporate companies have been hacked as a result of insecure implementation of DevOps tooling.

This talk will discuss some recent attacks and what we can learn from these attacks. It will also include clear examples of common risks and how to remediate those risks and improve the security posture of a users CI / CD environment. Included in this will be an overview of the tool 'anteater' - a security audit tool we have developed in OPNFV release engineering.

avatar for Luke Hinds

Luke Hinds

Senior Principal Software Engineer, Red Hat
Luke Hinds works within the Emerging Technologies group in Red Hat's CTO office, where he leads a team working on open source security. Luke started the project sigstore, alongside many other OSS security projects. He has held numerous OSS community leadership roles, such as the Kubernetes... Read More →

Wednesday March 28, 2018 11:15am - 12:05pm PDT
Hollywood Ballroom II