The velocity of modern IT is breathtaking: while most IT organizations struggle with monthly releases, agile organizations like Netflix, LinkedIn, Twitter, Github, Etsy and others are doing tens, hundreds, or even thousands of code deploys per day. They have shown the competitive advantage that the combination of commoditized cloud infrastructure, DevOps processes and hypothesis-driven development can create. They are quickly releasing features that matter to customers, saving the business money, while helping the business win. This agility and cost-savings delights the business. And with good reason, it can terrify information security and audit. If security was easily marginalized in a conventional IT organization, DevOps can be completely bypass security. DevOps aligns the former adversaries of Dev and Ops. Security needs to enable ludicrous speed or be left behind. Where security has failed, we believe Rugged DevOps can succeed, by integrating into DevOps, helping develop applications that are scalable, available, survivable, securable, and supportable. In this talk, I’ll presenting key findings of my 15 years of research of high performing IT organizations, and prescriptive patterns of how infosec can best integrate into the daily work of Dev and Ops.
Gene Kim is a multiple award winning CTO, researcher and author. He was founder and CTO of Tripwire for 13 years. He has written three books, including “The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win" and “The Visible Ops Handbook.” Gene is a huge fan of IT operations, and how it can enable developers to maximize throughput of features from “code complete” to “in production,” without causing chaos and disruption to the IT environment. He has worked with some of the top Internet companies on improving deployment flow and increasing the rigor around IT operational processes. In 2007, ComputerWorld added Gene to the “40 Innovative IT People Under The Age Of 40” list, and was given the Outstanding Alumnus Award by the Department of Computer Sciences at Purdue University for achievement and leadership in the profession.