2020 - Whitesource
2020 Whitesource Conference on Application Security - Security Phoenix
DevSecOps is usually a tool or fast speed approach to the organization. This talk, however, will take you through a different approach. With a holistic view of the organization, the security phoenix methodology takes into account a large organization with assessment, maturity matrix, scoring system and measurement options. We will walk through the problem of Build and Test (DEV/TEST) and how they relate to Design and Operate in a modern approach to SDLC. Why is the metric important and how to measure progress?
The talk is aimed at specialists that want a holistic approach of DevSecOps, a practitioner that wonders where an architect or ops guy fits in this brave new world.
The talk will give a real-life example, stories, as well as use cases to take the fluff talk out of the DevSecOps phrase! We talk real numbers and cases here, so tune in.
Francesco Cipollone
Head of Cloud Security Alliance, Director of NSC42
I’m Francesco, a Cybersecurity Executive/Chief Information Security Officer (CISO) who specializes in strategy and cloud security. Fuelled with passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, a more connected world for future generations.
I'm currently helping HSBC building their cybersecurity architecture practice and I’m acting virtual CISO for ELEXON.
I've delivered effective cybersecurity transformation for my client in Financial services such as Nationwide, Charles Taylor, Capita Asset Management, Link Asset Management. I've also delivered a cybersecurity improvement program for different sectors, amongst my clients: United Nations (WFP and FAO), National Lottery (Camelot), Vodafone, BT, Telecom Italia.