Shift-Left Safety is a scorching matter amongst software program builders these days. The precept of “shift-left” is straightforward (assume “left” alongside a timeline). It refers back to the quickly rising development of safety checks and controls shifting to earlier within the code improvement pipeline. A few examples could be:
- including safety into the code writing course of (for instance by including safety plugins to an IDE)
- the code commit course of (for instance through the use of automated checks within the pipeline)
Cisco Stay is a superb alternative to study
These of you conversant in Cisco Stay and the DevNet Zone realize it’s an incredible place to attach with friends, discover pathways by way of challenges, and study how-to _ (you fill within the clean)_ . This 12 months you’ll be able to attend periods in-person or just about. And, we’ve got fairly numerous periods on shift-left safety so that you can think about. Listed under are 2 DevNet classroom periods and 6 hands-on workshops. The workshops all make use of our new studying lab platform, providing a clean built-in expertise, with out the necessity to set up all types of necessities in your system.
Cisco Stay periods specializing in shift-left safety
Click on on the session title under to study extra and to register
I’ll current this session along with Randy Birdsall, Sr. Director of Product Administration with Cisco AppDynamics. We are going to cowl numerous floor on this session and have many demos so that you can see. We are going to clarify tips on how to deploy a cloud-native microservices utility in AWS, and add safety in numerous steps of the event pipeline. We are going to add safety earlier than deployment, in addition to safety that may shield the manufacturing atmosphere of the dwell utility. You don’t wish to miss this one if you wish to get an excellent overview of what’s doable with Cisco to shift your safety left! Be a part of me on Thursday, 12:00 PM within the DevNet Theater.
It is a must-see discuss by an exterior speaker from Cycode, Kyle Winters. Kyle has spoken at Cisco Stay earlier than and is a Distinguished Speaker. His session is about assaults on the supply-chain. As DevOps strikes parts into their Provide Chain Administration (SCM), new safety challenges emerge. Right now, an incident in one of many DevOps levels can now compromise all the pipeline. Attackers not should instantly exploit manufacturing apps to start out an assault as a result of fashionable SCM comprise data to realize entry manufacturing methods. Try Kyle’s session on Tuesday at 4:00 PM.
DevNet Zone Workshops:
Brian Sak, Technical Options Architect at Cisco, will supply a really cool workshop on real-world API assaults. APIs at the moment are a quite common assault vector into these apps and visibility into their use (and misuse) is important. This DevNet workshop will provide you with hands-on monitoring API calls inside a Kubernetes-deployed, cloud-native utility utilizing APIClarity. Wednesday at 11:00 AM.
Staying on the APIClarity practice we’ve got one other superior workshop with. Not all purposes within the cloud native world have their open API specification obtainable – and that is very true for legacy and/or exterior purposes. After we attempt to make the most of APIs or assess the danger of those APIs, having the open API specification is an important and required constructing block. On this workshop, Zohar Kaufman, Director Engineering, and Alexei Kravtsov, Software program Engineering Technical Chief, will introduce APIClarity — a brand new open supply device that can act as a Wireshark for APIs and, when put in in a Kubernetes atmosphere. Their session is so good, we are going to supply it twice! Tuesday at 3:00 PM and Thursday at 10:00 AM.
In a rush? We acquired you! Oxana Sannikova, Technical Options Architect at Cisco, will current a lightning discuss (20 minutes) about Cisco Kenna’s risk-based vulnerability administration. On this fast session we are going to show how Cisco SecureX orchestration and Kenna Safety might be leveraged to automate vulnerability administration. Test it out. Monday at 10:30 AM.
Is safety making your course of sluggish, making issues complicated, or is it an enabler? On this session, You’ll see how one can construct safety into your CI/CD pipelines and be absolutely automated, built-in, and centrally managed. You’ll learn to leverage Cisco safety options like Safe Workload, Cloud Analytics, Safe Firewall Cloud Native and SecureX, to automate, orchestrate your safety throughout the board, and assembly your compliance targets. Full of demos and interactive palms on labs! Don’t miss this superior workshop by Barry Yuan, Technical Options Architect at Cisco on Tuesday at 2:00 PM
This session will present an outline of programmability instruments and strategies obtainable for Cisco Safe Workload (previously Tetration). They are going to dive into use circumstances gathered from the purchasers we help to automate widespread workflows resembling well being checks and enforcement readiness. This workshop is offered by Furong Gisiger and Gabriel Fontenot, each Software program Engineering Technical Leaders at Cisco Programs. Wednesday at 1:00 PM
This session will give attention to how Cisco options empower DevOps and Safety groups to repeatedly shield their rising Cloud Native deployments from threats and vulnerabilities. And do it throughout photos, containers, runtime deployments and Kubernetes infrastructure. This workshop is obtainable by Asifiqbal Pathan and Arvind Kumar, each Principal Architects at Cisco. Tuesday at 4:00 PM.
Sufficient content material to stay up for? I’m fairly positive you’ll be able to fill your day fairly properly with all of those superior Shift-Left safety periods. I’m very a lot trying ahead to this primary in-person Cisco Stay in a couple of years. Please be part of me in exploring the DevNet Zone till we’ve got packed our brains with contemporary new data.
To study extra about Cisco safety options:
Be a part of our every day livestream from the DevNet Zone throughout Cisco Stay!
Join the DevNet Zone Cisco Stay E mail Information and be the primary to learn about particular periods and surprises whether or not you might be attending in particular person or will have interaction with us on-line.
We’d love to listen to what you assume. Ask a query or depart a remark under.
And keep linked with Cisco DevNet on social!