English Deutsch Français Italiano
EN DE FR IT
STATUT du SYSTÈME MENTIONS LÉGALES
Télécharger
Partager
Marc Walzer
Délégué à la protection des données chez Sherpany

Discussing security in a world of rapid changes and continuous delivery: DevSecCon London

SÉCURITÉ 21

Information Security has always been an important topic, and it gets more and more attention every day from different industries. Currently, tech businesses are demanding quick software releases cycles for new updates and features, leaving security in the background. It tends to be managed as an afterthought and put into a reduced timeframe.

Security, however, should not be sacrificed for the sake of a speedy delivery. This is where DevSecOps comes in place.

But, what is DevSecOps?

DevSecOps is an approach that relies on the intense collaboration between development, security and IT-operations. The three core competencies together create ways to build security into the development process in a continuous manner, without neither impacting critical deadlines, nor delaying a software's release cycles.

In order to be able to react fast to the rapidly changing requirements and deliver a highly secure service, Sherpany follows the DevSecOps approach. With greatly skilled developers, security quality gates already early in the development lifecycle, automated security assessments and external assurance, Sherpany delivers a very high level of security for all information stored in the Sherpany meeting software.

Nevertheless, we strongly believe that it's essential to acknowledge industry trends and learn about best practices to overcome internal challenges. That is why security team members from Sherpany have attended this year's DevSecCon conference in London, which took place during the month of October.

The DevOpsCon event

The DevOpsCon conference is a platform for leading experts to showcase their ideas in order to give different perspectives on common topics of the industry. This year's edition gathered 22 expert speakers and 350 attendees from different countries, industries and backgrounds. They all met in the heart of London for two days of intense discussions and exchange of ideas on best practices, current trends and innovative approaches.

"Attending the conference allowed me to get a better grasp of the trends in the field. It was also a great opportunity to meet people that shared valuable know-how, and had a lot of insightful, experience-based learnings for all those participating." explains André Carpinteiro, DevSecOps Engineer at Sherpany

Of all presentations, one stood out because of its fascinating concept. Matthew Pendlebury, Senior Security Consultant, MWR InfoSecurity, and expert in organisational defensive security, talked about "attack aware application".

The concept reveals that if an application is “attack aware” it does not rely solely on external components, such as antivirus software, firewall solutions or intrusion detection systems to detect malicious activity. What it can do, however, is to detect an attack by itself, and even react to it appropriately. The concept brings to light a big advantage: this type of behaviour can result in another layer of security in order to protect the sensitive information.

DevOpsCon London's agenda offered other insightful talks about threat modelling, security automation and instrumentation and many other topics. The event brought together experts from the fields of DevOps and Security ensuring an environment of learning and support for participants to make sure that their development and delivery cycles are secure. This added to the successful outcome of the event and made the team from Sherpany excited to attend this year's conference.


For more information on the subject, we invite you to read about the importance of software security at Sherpany.

Marc Walzer
Marc Walzer
Délégué à la protection des données chez Sherpany
Marc Walzer est titulaire d’un MSc en sciences appliquées (HESD) à la recherche sur les systèmes d’information. Chez Sherpany, il est responsable de la sécurité de l’information et s’assure que les données personnelles soient traitées de manière appropriée.

Marc est aussi l'auteur de Weak TLS Encryption: a wide-spread risk

Visiter le site web

Connaissances et Ressources

Voir tous les articles
None
Sherpany

Qu'est-ce que la sécurité des données ?

None
Cécile Dejoux

L'IA au service du dirigeant de demain

None
Guillaume Gamelin

La cybersécurité, un nouveau défi pour les entreprises

None
Sherpany

How to manage cyber security in the digital era

None
Caroline Wong, Chief Security Strategist

What do directors and boards need to know about security and security testing?

None
Genève Aéroport - Étude de cas

Une véritable solution d'affaires pour le conseil d'administration de l'Aéroport de Genève

None
Sherpany

Qu'est-ce que la sécurité des données ?

None
Cécile Dejoux

L'IA au service du dirigeant de demain

facebooktwittergoogle-plus2linkedin2envelopsearch

Connaissances et Ressources

Nous aidons les dirigeants et les administrateurs à tirer profit de toutes leurs réunions à travers des interviews d'experts, des articles, des livres blancs, des guides et des études de cas.


Nos ressources abordent les thèmes suivants :

  • Gestion des réunions
  • Transformation digitale
  • Management agile

Essayez Sherpany

En remplissant le formulaire ci-dessous, vous serez contacté par l'un de nos experts qui vous montrera, sans obligation, le fonctionnement de la solution Sherpany et comment celle-ci peut gérer vos réunions pour vous.

Contactez-nous

Si vous souhaitez en savoir plus sur notre solution ou si vous avez des demandes spécifiques, remplissez ce formulaire et nous vous contacterons dans les plus brefs délais.

Demandez un devis

Remplissez le formulaire suivant et vous serez contacté dès que possible.

S'abonner à la newsletter