In the SolarWinds hack of 2020, FireEye, a cybersecurity vendor, announced an intrusion that resulted in the theft of over 300 proprietary security tools offered by the vendor. SolarWinds, an IT monitoring vendor, had pushed malicious code to over 18,000 customers, including Fortune 500 companies and large federal agencies, including the U.S. Department of Homeland Security (DHS), Microsoft, and NASA. Following this announcement, security experts launched an investigation into the hack, putting the Software Development Life Cycle (SDLC) and all its processes under review. Join this meetup session as we discuss:
The role of CI/CD and its potential impacts on events like the SolarWinds hack
How to apply IT Governance, Risk, and Compliance principles and practices to CI/CD pipelines
And how to use these CI/CD capabilities to reduce and mitigate software risks
She is an advocate for better software delivery, sharing applicable practices, stories, and content around modern technologies. Tiffany has given talks about software delivery and DevOps at several conferences including SpringOne, Red Hat Summit, and DevOps World. She is currently a Technical Evangelist at Harness. Find her on Twitter or Linkedin @tiffanyjachja.