When building a cloud native application, every software developer becomes part DevSecOps engineer. The issue is that they might not understand how to leverage cloud native capabilities to ensure security. Do they know to enable identity and access management (IAM) to ensure users operate with the least privilege within cloud infrastructure? This session will cover common security mistakes made in the cloud, review native tools cloud providers have made available and teach attendees how to deploy and securely run an application in the cloud.
This session is geared at developers and DevOps engineers who want to learn the key principles of application security in the cloud and create a secured CI/CD process. It is also useful for security engineers who seek to minimize disruptions in software delivery. Attendees will learn how to shift cloud security left, how to reduce the unique attack surface of the cloud and to create a secured infrastructure configuration.