Join this event to build your agenda.

OPEN TALK: Breaking News: DevSecOps Is Broken without RUNTIME Observability


Kiran Kamity
DeepFactor.io, Founder & CEO


Passionate serial Silicon Valley entrepreneur. Head of product at Cisco Cloud BU. Founder/CEO at ContainerX (acquired by Cisco). Founder/VP at RingCube (acquired by Citrix). TEDx speaker. Loves nature, travel, and food.

Mike Larkin
DeepFactor, Founder & CTO

Author of OpenBSD Hypervisor VMM. Guest Faculty at San Jose State University for 18 years. Serial Entrepreneur Founder/CTO at RingCube (acquired by Citrix). Holds numerous patents. Avid peak bagger, climbed over 1000 summits.

Dr. Neil Daswani
Stanford Advanced Cyber Security Program, Co-Director

Dr. Neil Daswani is Co-Director of the Stanford Advanced Security Certification program and is President of Daswani Enterprises, his security consulting and training firm. He has served in a variety of research, development, teaching, and executive management roles at Symantec, LifeLock, Twitter, Dasient, Google, Stanford University, NTT DoCoMo USA Labs, Yodlee, and Telcordia Technologies (formerly Bellcore).  At Symantec, he was Chief Information Security Officer (CISO) for the Consumer Business Unit, and at LifeLock he was the company-wide CISO.  Neil has served as an Executive-In-Residence at Trinity Ventures (funders of Auth0, New Relic, Aruba, Starbucks, and Bulletproof).  He is an investor in and advisor to several cybersecurity startup companies and venture capital funds, including Benhamou Global Ventures, Firebolt, Gravity Ranch Ventures, Security Leadership Capital, and Swift VC.  Neil is also a co-author of two books Foundations of Security: What Every Programmer Needs to Know (Apress ISBN 978-1590597842) and Big Breaches: Cybersecurity Lessons for Everyone (Apress ISBN 978-1484266540).

 

Neil's DNA is deeply rooted in security research and development, he has dozens of technical articles published in top academic and industry conferences (ACM, IEEE, USENIX, RSA, BlackHat, and OWASP), and he has been granted over a dozen US patents. He frequently gives talks at industry and academic conferences, and has been quoted by publications such as The New York Times, USA Today, and CSO Magazine. He earned PhD and MS degrees in computer science at Stanford University, and he holds a BS in computer science with honors with distinction from Columbia University.


How confident are you that your code—including any 3rd party code your team brought in—is running in a secure and compliant manner before you deploy to production?

Imagine this - your developers check-in code for a new feature. It includes pieces of code your team wrote and pieces of code from a 3rd party. The code passes SAST & SCA and you deploy it to production. A day later, your production server is breached...and the attacker leveraged a bug in your code that caused privilege escalation and was able to become root.

In today’s microservices-containers/Kubernetes/Docker-DevOps world, a static code scanner isn't sufficient. You need RUNTIME observability into the application’s security, privacy, and compliance. Your developers need to know if their code or a 3rd party’s code can cause issues at runtime.

This panel of RUNTIME observability and security developers and experts will discuss the what, why, and how DeepFactor’s Continuous Observability platform:
- Automatically observes more than 170 parameters—across system call, library, network, web, and API behaviors in every thread of every process in every running container of your application—and detects security and compliance risks in your CI pipeline
- Detects insecure behaviors that only manifest at runtime and cannot be caught with code scanning or just looking at known CVE databases
- Reduces alert volume by prioritizing the findings of your SCA tools with runtime insights from observability tools
- Empowers Engineering leadership to accelerate productivity and decrease mean-time-to-remediate (MTTR) security and compliance risks pre-production as their teams ship secure releases on schedule

You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.