Early-bird Discount
expires in
Register Now

Agenda

Let the Robots Help: Protecting the Build and Deployment Chain

Let the Robots Help: Protecting the Build and Deployment Chain

Session
Thursday, December 05, 2024 12:15—12:35
Location: Satellit

It's not enough to just protect the calls to your APIs, you have to know what code you're running and how it got there. In today's world of dynamic development and deployment, developers are given incredible power to effect change in live products and systems. Code and configuration changes alike can get pushed out worldwide, sometimes to catastrophic effect. With more moving parts comes more changes for human error. So how can we make this better? Get the humans out of the way!

Today's systems allow us to automate many of the security chores that once fell to the wayside as busywork for the most junior sys admins, and the robots don't make the kinds of mistakes people do. Going beyond just checking if a codebase compiles, we can now manage the build path, dependencies, runtime platforms, code quality, configuration, and other aspects of the build and deploy process as it exists today.

We'll walk through each piece of the development and deployment chain and discuss the importance of protecting each step, while showing how to do address security, auditability, and reliability throughout. And most importantly, we'll take a deep look at the human cost of automation, and how bad automation can breed workarounds that can lead to unparalleled global disasters.

Justin Richer
CTO
UberEther
Justin Richer is a security architect, software engineer, standards editor, and systems designer with over two decades of industry experience. He is the lead author of OAuth2 In Action and...
Almost Ready to Join the cyberevolution 2024?
Reach out to our team with any remaining questions
Get in touch