🔴 Proven Threat Modelling Tactics for DevOps | скачать в хорошем качестве

🔴 Proven Threat Modelling Tactics for DevOps |

🛑 📣 As attendees probably understand, DevOps isn’t really about automation. But, we’ve all heard claims that “everything in DevOps can be, and must be automated”. On the other hand, threat modelling has a reputation for being an expert only, almost mystical practice that only the initiated manually perform, off in some isolated corner. 🚨 It might seem that DevOps and threat modeling are opposing forces? It doesn’t have to be. Find out how most of us intuitively threat model as a matter of living. Thankfully, some threat modeling tasks can be automated: the toolset is maturing rapidly. Indeed, some parts of many models can be generated through the existing toolset, some of which are open source or free. For that which must be accomplished manually, there are proven DevOps-friendly approaches. 📊 There really are “right DevOps methods” and, sadly, “wrong ways” that just won’t work. Join author, Brook S.E. Schoenfield for an in-depth look at DevOps threat modeling. 📚 What will you learn? ✅ 1. Interactively participate in threat modeling ✅ 2. Automated activities in threat modeling ✅ 3. Open source and commercial threat modeling tools ✅ 4. Field-proven threat modeling approaches 🎤 Speaker: Brook S.E. Schoenfield; Elder AppSec Diplomat and Threat Modeling Expert Brook S.E. Schoenfield has authored several books on software security, has taught 100’s of security architects. Indeed, 1000’s have been through his threat modeling trainings. Currently, Mr. Schoenfield works with organizations and technical leaders to improve software security practices. He also teaches at the University of Montana. Brook Schoenfield is currently the technical leader and advisor to Resilient Software Security, LLC and True Positives, LLC. Previously, he technically led product security architecture at McAfee (Intel), Cisco Engineering. 🛑 If you liked this video and want to see more from Practical DevSecOps, subscribe to our channel:    / @practicaldevsecops   🤔 To learn more, visit our website and explore our courses: https://www.practical-devsecops.com/c... 📌About Practical DevSecOps: Practical DevSecOps ​(a Hysn Technologies Inc company) offers vendor-neutral, practical, and hands-on DevSecOps training and certification programs for IT Professionals. Our online training and certifications are focused on modern areas of information security, including DevOps Security, Cloud-Native Security, Cloud Security & Container security. The certifications are achieved after rigorous tests(12-24 hour exams) of skill and are considered the most valuable in the information security field. For more information, visit: www.practical-devsecops.com or follow us on social media: 👉🏻 Twitter: @PDevsecops 👉🏻 LinkedIn:   / 14504770   👉🏻 Facebook:   / pdevsecops