With the arrival of Kubernetes and Containers and efforts of the Cloud Native Computer Foundation we also received the first practical guide to DevSecOps by the US Department of Defence. Even if we dislike the .mil, now is the time to look deeper into the security concepts of public and private clouds. Which of the classic architectures will survive. What needs to be adapted or to be changed into state of the art security concepts. How to keep up with the accelerating speed of attacks. How do we replace the castle moats and walls in an agile GitOps environment by fluent moves. How do we transform our security landscape into the modern world? What about Site Resilience Engineering, concepts like Zero Trust, and Chaos Engineering on security entities. Is this just Buzzword Bingo or can we turn these ideas into practical concepts?
Dr. Thomas Fricke
Pro Bono Activities