With organizations and individuals increasingly moving to the cloud, the need for secure and agile deployment pipelines is more important than ever. This session explores how to achieve this goal by strategically placing security controls throughout the different phases of the DevOps process. Topics covered include the DevOps toolchain, security tools, and techniques for injecting security controls into automated pipelines.

Learning objectives:
Introduction to DevOps toolchain
High level overview of DevOps security (DevSecOps)
Intro to SEC540

SANS SEC540: Cloud Security and DevSecOps Automation training course, www.sans.org/cyber-security-courses/cloud-security…

About the Speaker
Ahmed Abugharbia works for CDW’s Managed Security Services. He manages a team of engineers that are responsible for building managed cloud security services. Ahmed is also a co-founder of Cystack consulting, which has been serving clients in the Middle East since 2010. Over the past 15 years, Ahmed has worked on a wide range of security projects and technologies, from securing networks and applications to Penetration Testing and Incident Handling. With introduction of cloud services, Ahmed has turned his interest into Cloud Security and DevSecOps. Ahmed is an instructor for SEC540: Cloud Security and DevSecOps Automation. Learn more about Ahmed at www.sans.org/profiles/ahmed-abugharbia/

SANS Cloud Security focuses the deep resources of SANS on the growing threats to The Cloud by providing training, GIAC certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.

SANS Cloud Security Curriculum: www.sans.org/cloud-security
Twitter: @SANSCloudSec
LinkedIn: www.linkedin.com/showcase/sanscloudsec/
Discord: www.sansurl.com/cloud-discord