Every day, IT professionals live and breathe applications, yet our focus for operational tools is a single container, virtual machine, database, etc. How do these items map to the application in use? Even the monolithic-looking applications of yesterday were actually made up of services. Those services will be reborn as microservices within the applications of tomorrow. How do we make this transition? Is it possible with a container as a service model? Or should we scratch the past and start over?
At InfoSec World a few weeks ago, I was in a talk with Rich Mogull (@rmogull) of Securosis. Rich spoke on the concept of SecDevOps while demonstrating how he applies this concept to workloads running within Amazon. Now, some would argue that DevOps already contains security practices within the workflows. The unfortunate reality is that, in many cases, security is overlooked in the rush to get product out the door. So, how does SecDevOps differ from DevOps? Not a lot, except that it has a higher degree of security focus. The goal of SecDevOps is not to change the developers, but to get the security team involved as a part of development at carefully planned locations within the DevOps workflow. Continue reading Security DevOps (SecDevOps)
It is often very hard to plan which virtualization and cloud conferences to attend and why. You may need to start your planning now as justification from work could be hard to come by. It may mean you make the decision to go on your own dime. If you do the later, there are some alternative mechanisms that could work for the bigger conferences. The conferences and events I attend every year depend on my status with the organization hosting those events, and whether or not I can get a ‘deal’ as a speaker, analyst, or blogger. So what conferences do I find worth attending? That will also depend on your job role. There is one I would attend regardless of role, and a few I would attend as a Virtualization and Cloud Security person. All are good conferences. So here is my list: Continue reading Virtualization and Cloud Conferences for the Year