Steve is an experienced computer systems and security architect with a passion for standards-based security and compliance; cloud computing; and DevSecOps. He brings over a decade of experience in the defense industry, working for multiple federal defense contractors, and has directly supported customers in organizations across the health care, retail, financial, pharmaceutical, and other verticals.
As president and CTO of Alpine Cyber Solutions, Steve and his team have built a full-featured IT and cybersecurity service company from the ground up. Today, Alpine Cyber is a leader in security managed services, vCISO services, risk assessment, and DevSecOps consultation.
The ABCs of DevSecOps (<– add to your schedule)
Application Security is the most oft-ignored, yet critically vulnerable attack vector in many businesses today. Development teams are encouraged to create new features first and foremost, at the expense of fixing vulnerabilities. It’s not until a breach or an audit finding when they pay attention to patching security holes.
So how does a thoughtful CISO get in front of this?
Application security has to exist across the application lifecycle. DevSecOps is the philosophy of imbuing proper security controls at every stage of the Software Development Lifecycle (SDLC). This session will introduce you to core DevSecOps concepts so you can bring them back to your company and make some proactive changes to “drive defects left” and reduce the risk of a catastrophic security breach in your applications