Case Study

DevSecOps Responsibilities: Automating Cloud Security and Incident Response at Comcast

Apr 24, 2019

Comcast's Jearvon Dharrie says, "Automation is a requirement, not a feature." This talk describes his team's journey into public cloud, and how they took control of their infrastructure.

A common solution to cloud security is the gatekeeper model. Old-school security teams think they can prevent breaches by locking down the network and having all requests funnel through a ticket system.

But this model often makes your cloud less secure: Solutions need to be implemented for each service and there is a lack of consistency. It also adds friction, so teams tend to skip it.

In this talk, Dharrie discusses creating a security framework for your enterprise. It takes principles of automation from DevOps and applies it to security. For example:

  1. Creating cloud users through code so they all have the same password policy and access rules
  2. Using serverless to monitor for misbehaving VMs

Stay Informed

Subscribe to our monthly newsletter to get the latest news and product updates.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now