Securing Rapid Application Delivery
Stan Wisseman (CISSP, CISM, CSSLP, CCSK) is a Security Strategist for the Security & Information Governance business unit at HPE (Hewlett Packard Enterprise). In this role, Mr. Wisseman is responsible for providing thought leadership and insight regarding the ever changing global threat landscape. Mr. Wisseman has over 30 years of information security experience.
Prior to joining HPE in 2014, Mr. Wisseman served as the Chief Information Security Officer for Fannie Mae. While there, he helped establish their application security program. He is currently representing HPE as a Fellow at the Institute for Critical Infrastructure and Technology, a non-partisan think tank that advises the legislative community on cybersecurity issues, and is the Program Chair for the (ISC)2 National Capitol Region chapter.
DevOps is an agile-aligned software development methodology that seems to be growing quickly in popularity with a number of organizations. But how real is this transition to DevOps? This philosophy for rapid application deployment can greatly impact a software security group’s ability to integrate in security touchpoints throughout the SDLC. To get past the hype, the HPE Fortify team conducted an industry study to assess the general habits, practices and tools used by those practicing DevOps, as well as their security point of view. The study leverages data and analysis from HPE security teams, industry leaders, enterprises, and developers to deliver key insights on the multiple gaps and barriers between the promise and reality of secure DevOps. Together with the research insights from the study, we will also provide guidance on how the DevOps philosophy can provide advantages, providing opportunity for integration of security automation as part of the development and deployment of applications.