search menu icon-carat-right cmu-wordmark

DevSecOps Lessons Learned from Covid-19 Era

December 2021 Presentation

This presentation by Kayra Otaner of ADP was given virtually at DevSecOps Days Washington D.C. 2021 on December 16, 2021.

Publisher:

Software Engineering Institute

Abstract

Covid-19 has introduced various new concepts to public, such as contact tracing, mobility restrictions, border closings between nations, rate of transmission and such. We’ll talk about how this new ‘normal’ can also shape our ways of evangelizing proper vulnerability management and DevSecOps practices. At the heart of our discussion we’ll focus on survivalist approach to the vulnerability problem and metric driven DevSecOps for securing software supply chain.

Kayra is a trusted DevSecOps advisor. His recent work focuses on DIE (Distributed, Immutable & Ephemeral) insfrastructure, shifting security left and align enterprises with modern cloud native & future proof DevSecOps patterns.

Kayra’s previous accomplishments in DevSecOps include leading teams that were responsible for applications running primarily on bare metal/on-prem data centers for WPP (Xaxis) and FICO (Adeptra) both are PCI/SOX regulated organizations. A few of his most recent projects include migrating applications to public cloud providers, building cloud native applications and mentoring CloudOPS/SRE teams for e-commerce companies (one customer is valued at $11B today, owned by AliBaba). He is the chief architect for Turkish Navy, developing their unified cyber security & threat hunting solution named Ahtapot (Octopus). The Octopus was battle tested in LockedShields 2017 Cyber Defense exercises in Talynn, Estonia. Some major capabilities included are SIEM, honeypots, netflow & full packet capture, and intrusion detection.

Kayra is a published author and member of the Business and Computer Science Advisory Board for Middlesex County College in New Jersey. In recent years he delivered various DevSecOps talks on DevOpsDays Istanbul 2016, DevOps Europe 2017 Lithuania, DevOpsPro Moscow 2018, DevSecOpsDays Istanbul 2019. His previous talks were about moving target defense (DIE), deploying honeypots to K8S, securing cloudnative workloads for ZeroTrust.

He enjoys flat-water kayaking and has recently started upcycling wooden pallets for various outdoor furniture projects. He’s a LinuxFromScratch fan (ID #5893) and in his spare time he is working on compiling LFS using ArgoCD&ArgoWorkflow in K8S as a pet project.

Watch the video on YouTube or below: