Clear

Thursday, February 18, 2021

- PST
OPEN TALK: Breaking News: DevSecOps Is Broken without RUNTIME Observability
Join on Hopin
Kiran Kamity
Kiran Kamity
DeepFactor.io, Founder & CEO
Mike Larkin
Mike Larkin
DeepFactor, Founder & CTO
Dr. Neil Daswani
Dr. Neil Daswani
Stanford Advanced Cyber Security Program, Co-Director

How confident are you that your code—including any 3rd party code your team brought in—is running in a secure and compliant manner before you deploy to production?

Imagine this - your developers check-in code for a new feature. It includes pieces of code your team wrote and pieces of code from a 3rd party. The code passes SAST & SCA and you deploy it to production. A day later, your production server is breached...and the attacker leveraged a bug in your code that caused privilege escalation and was able to become root.

In today’s microservices-containers/Kubernetes/Docker-DevOps world, a static code scanner isn't sufficient. You need RUNTIME observability into the application’s security, privacy, and compliance. Your developers need to know if their code or a 3rd party’s code can cause issues at runtime.

This panel of RUNTIME observability and security developers and experts will discuss the what, why, and how DeepFactor’s Continuous Observability platform:
- Automatically observes more than 170 parameters—across system call, library, network, web, and API behaviors in every thread of every process in every running container of your application—and detects security and compliance risks in your CI pipeline
- Detects insecure behaviors that only manifest at runtime and cannot be caught with code scanning or just looking at known CVE databases
- Reduces alert volume by prioritizing the findings of your SCA tools with runtime insights from observability tools
- Empowers Engineering leadership to accelerate productivity and decrease mean-time-to-remediate (MTTR) security and compliance risks pre-production as their teams ship secure releases on schedule

You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.