Presentation: Security Delusions (Not a Sales Pitch!)
Abstract
Security teams are frequently the gatekeepers of adopting new technology in the enterprise. In fact, information security represents perhaps the biggest tech laggard among technical functions today. “Because security” can understandably feel like an unsatisfying answer to why security teams are hesitant in embracing these technologies – particularly when there are ample benefits to productivity, performance, and stability for engineering teams.
Why do security teams so tightly clutch their pearls over modern tech? What are common enterprise security perspectives on potential risks inherent in fresh technology such as microservices – or even more conventional tech like cloud-based systems? This non-sales promo talk delves into the common delusions held by enterprise infosec, exploring the reasons why they opt for the rubber stamp of “no” to help inform how DevOps can assuage security’s concerns. We’ll also explore the “cheat codes” that can be presented to gain passage by the grumpy gatekeeper that is enterprise infosec.
Similar Talks
From Developer to Security: How I Broke into Infosec
Senior Security Advocate @Microsoft
Rey Bango
Robot Social Engineering: Social Engineering Using Physical Robots
Computer Security and Privacy / Human-Robot Interaction Researcher
Brittany Postnikoff
Modern WAF Bypass Scripting Techniques for Autonomous Attacks
Blade Runner & Director of Field Engineering (NA / EU) @kasada_io
Johnny Xmas
Privacy Tools and Techniques for Developers
Privacy Technical Lead at Schellman & Company, LLC
Amber Welch
How Much Does It Cost to Attack You?
Software Engineer @ShapeSecurity