DevSecOps Lessons Learned from Covid-19 Era
• Presentation
Publisher
Software Engineering Institute
Topic or Tag
Watch
Abstract
Covid-19 has introduced various new concepts to the public, such as contact tracing, mobility restrictions, border closings between nations, rate of transmission, and such. We’ll talk about how this new ‘normal’ can also shape our ways of evangelizing proper vulnerability management and DevSecOps practices. At the heart of our discussion, we’ll focus on a survivalist approach to the vulnerability problem and metric-driven DevSecOps for securing the software supply chain.
Kayra is a trusted DevSecOps advisor. His recent work focuses on DIE (Distributed, Immutable & Ephemeral) infrastructure, shifting security left and aligning enterprises with modern cloud-native & future-proof DevSecOps patterns.
Kayra’s previous accomplishments in DevSecOps include leading teams that were responsible for applications running primarily on bare metal/on-prem data centers for WPP (Xaxis) and FICO (Adeptra), both are PCI/SOX regulated organizations. A few of his most recent projects include migrating applications to public cloud providers, building cloud-native applications, and mentoring CloudOPS/SRE teams for e-commerce companies (one customer is valued at $11B today, owned by AliBaba). He is the chief architect for the Turkish Navy, developing their unified cyber security & threat hunting solution named Ahtapot (Octopus). The Octopus was battle-tested in LockedShields 2017 Cyber Defense exercises in Talynn, Estonia. Some major capabilities included are SIEM, honeypots, netflow & full packet capture, and intrusion detection.
Kayra is a published author and member of the Business and Computer Science Advisory Board for Middlesex County College in New Jersey. In recent years, he delivered various DevSecOps talks on DevOpsDays Istanbul 2016, DevOps Europe 2017 Lithuania, DevOpsPro Moscow 2018, and DevSecOps Days Istanbul 2019. His previous talks were about moving target defense (DIE), deploying honeypots to K8S, and securing cloud-native workloads for ZeroTrust.
He enjoys flat-water kayaking and has recently started upcycling wooden pallets for various outdoor furniture projects. He’s a LinuxFromScratch fan (ID #5893), and in his spare time, he is working on compiling LFS using ArgoCD&ArgoWorkflow in K8S as a pet project.
Watch the video on YouTube or below:
Part of a Collection
DevSecOps Days Washington, D.C. 2021