The meetup is organised by ProdOps.io, a team of software operations architects who consult on infrastructure automation and workflow improvement. Google campus is kindly hosting us.
The meetup is in Hebrew
17:45 - Gathering, Mingling
18:15 - 19:00 - DevOps, Kubernetes and Integrating Security in Your CI/CD Pipeline by Gadi Naor
19:00 - 19:45 - Attributes of Elite DevSecOps Programs. Learned by the 2019 DevSecOps Community survey by Yossi Turgeman
**Talk 1** DevOps, Kubernetes and Integrating Security in Your CI/CD Pipeline
Yes, we know.. Containers reduce the complexity of your deployments, which is a top goal of every DevOps in every organization.
However, if developers simply throw containers over the wall, it’s left up to Ops teams to deploy manage (and secure them!), and figure out how to scale them to meet user demand. Fortunately, there is a way to start putting your Kubernetes security to Work. automatically
Kubernetes helps here by allowing developers and operations to work together to automate the deployment which is the first step. Step two is going over some of the DevOps security features that help to meld the Kubernetes platform with the DevOps culture.
In this talk, we’ll learn how to focus on securing and managing your app rather than worry about vulnerability and misconfiguration slips.
##About Gadi Naor - CTO & Co-Founder##
Gadi Naor has 15 years of experience in developing and leading the development of cybersecurity products including at CheckPoint, at which he was Business Development Manager in his last role. Gadi then joined Altor Networks, a pioneer in virtualized data center security, later acquired by Juniper Networks. Prior to Alcide, Gadi co-founded Fitfully, at which he served as CTO. Gadi holds a B.A in Computer Science from the Technion Institute of Technology
**Talk 2** Attributes of Elite DevSecOps Programs. Learned by the 2019 DevSecOps Community survey.
We've spent six years studying secure coding practices of DevOps and Continuous Delivery organizations by surveying over 15,000 IT professionals. We've analyzed their staffing practices, educational priorities, automation choices, and process improvements that improve their cybersecurity preparedness. Our study has also uncovered details of where automation fails, awareness falls short and breaches happen.
Come participate in this session where we will share the 10 habits practiced by the DevSecOps Elite that you can then apply to -- or further mature within -- your own organization. We will also uncover what our analysis revealed about securing CI/CD pipelines.
##About Yossi Turgeman - ESL##
Yossi Turgeman is a veteran in the open source governance field.
Working with different tools and companies since 2012.
Helping making sure their open 3rd party code is secure and in compliance license wise.
Today Yossi is the Head of Sales in ESL , a company which provides its customers with an ecosystem of software development, devops and security tools.