Governance, Risk, and Compliance: What you need to know about CI/CD Governance

Topic Description
In the SolarWinds hack of 2020, FireEye, a cybersecurity vendor, announced an intrusion that resulted in the theft of over 300 proprietary security tools offered by the vendor. SolarWinds, an IT monitoring vendor, had pushed malicious code to over 18,000 customers, including Fortune 500 companies and large federal agencies, including the U.S. Department of Homeland Security (DHS), Microsoft, and NASA. Following this announcement, security experts launched an investigation into the hack, putting the Software Development Life Cycle (SDLC) and all its processes under review. Join this meetup session as we discuss:

• The role of CI/CD and its potential impacts on events like the SolarWinds hack
• How to apply IT Governance, Risk, and Compliance principles and practices to CI/CD pipelines
• And how to use these CI/CD capabilities to reduce and mitigate software risks

Speaker Bio
Tiffany Jachja, Technical Evangelist, Harness

She is an advocate for better software delivery, sharing applicable practices, stories, and content around modern technologies. Tiffany has given talks about software delivery and DevOps at several conferences including SpringOne, Red Hat Summit, and DevOps World. She is currently a Technical Evangelist at Harness. Find her on Twitter or Linkedin @tiffanyjachja.

Sponsor
Thank you to OPSANI, an AI-driven application performance optimization SaaS company, for sponsoring food and beverages in the form of DoorDash coupons for our first 50 attendees! https://opsani.com