CSE Speaker Series – Jesse Crawford

On Friday, October 5th at 3:00 pm in Jones Annex 101, Jesse Crawford will give a talk “Automate the Boring Parts: IA compliance in agile environments”.

Abstract:
Most parts of the world of computer security are far less interesting
than they’re made to look on television. But there’s one aspect they
don’t even try to put on TV: compliance. Many organizations today,
especially in the public sector, are struggling to apply conventional,
paper-based compliance and auditing processes to IT infrastructure that
may be frequently changed, automatically managed, and highly virtualized
and containerized. This leads to people spending all day updating “The
Spreadsheet,” “The Spreadsheet” still being wrong, audit findings coming
back in the form of “The New Spreadsheet,” and no one going home happy.
This talk will explore the not-so-exciting world of information
assurance compliance and auditing, the almost too exciting world of
agile IT infrastructure, and the emerging effort to make the two get
along: DevSecOps. Because one time someone said “there’s no security in
DevOps” and man were we going to prove them wrong.

Posted on .