January 18, 2020

226 words 2 mins read

Secure DevOps

Secure DevOps

DevOps allows fast automation of every part of a software's life cycle from a unit test to an entire NFV cloud deployment. If we boil down DevOps to its components, DevOps is no more then a chosen set …

Talk Title Secure DevOps
Speakers Luke Hinds (Engineer, Red Hat)
Conference Open Networking Summit North America
Conf Tag
Location Los Angeles, CA, USA
Date Mar 26-30, 2018
URL Talk Page
Slides Talk Slides
Video

DevOps allows fast automation of every part of a software’s life cycle from a unit test to an entire NFV cloud deployment. If we boil down DevOps to its components, DevOps is no more then a chosen set of tools, coupled with scripts and config files and realised as a unified methodology. As with any powerful tool set, there are inherent risks around security. These are also not just theoretical risks, many large scale corporate companies have been hacked as a result of insecure implementation of DevOps tooling. This talk will discuss some recent attacks and what we can learn from these attacks. It will also include clear examples of common risks and how to remediate those risks and improve the security posture of a users CI / CD environment. Included in this will be an overview of the tool ‘anteater’ - a security audit tool we have developed in OPNFV release engineering.

comments powered by Disqus