Masterclass: DevSecOps, SecDevOps and Secure Cloud Transformation: Accountability Through Cloud Security Engineering

Meet the Experts

Key Takeaways

⇨ A deep dive into how SAP manages security through the development/DevOps cycle

⇨ Lessons for post-deployment compliance and vulnerability scanning, the data engineering involved, reporting and tracking

⇨ Building an organizational support culture and accountability structures that ensure findings are followed up, managers know security and accountability are part of their KPIs, and incentives

As a cloud services provider, it is more important than ever to secure the software and services SAP provides. It is most efficient to manage this in the development cycle as much as possible through a DevSecOps approach that includes security controls every step of the way. However, we need to ensure our deployed landscape meets security and compliance requirements and also detects and responds to incidents.

Running scans across a landscape of 1,000s of cloud accounts, central tracking, and getting alerts into the hands of those that can do something about them requires its own engineering through a SecDevOps approach of a DevOps for security operations, involving data integration and enrichment with asset metadata and ownership information. This data enables organizational support structures of accountability that ensure any issues are addressed in a timely fashion. In this Masterclass, learn applicable lessons on how SAP “shifts left” and “shields right” to protect the cloud landscape in a cycle of continuous improvement.

Read the presentation here.

More Resources

See All Related Content