Today, the CI/CD pipeline is mainly built on open source tools — Kubernetes, Jenkins, GitLab, etc. Security has traditionally been closed, but it’s now clear the pace of innovation cannot be constrained by proprietary development models. Loris will discuss key practices needed for a secure cloud and container environment, including:

• what is required to increase security, visibility and simplicity in the cloud,
• lessons learned from major attacks like Kaseya and SolarWinds,
• ways to leverage Secure DevOps to not only ‘shift left,’ but also ‘roll right’ for detection and response,
• how open source is the key ingredient to see all your signals in a constantly changing landscape.