# Security and DevOps are Really Best Friends

### Abstract

DevOps teams still think of Security as “the people who say no.” However, DevOps are Security’s best allies in getting basic security improvements in place. Using the framework of the CIS Critical Security Controls (chiefly the ones classified as Basic), we will explain the ways that Security teams can sell security improvements to the DevOps/SRE/Automation teams and help them get their priorities addressed.For example, while having an inventory of all hardware and/or cloud assets is critical to speedy investigation of incidents, it is also critical to keeping systems within SLAs for their lifecycle and ensuring that billing for resources is correct. Likewise, the other Basic Critical Security Controls line up directly with DevOps and Automation teams’ priorities, and Security teams can meet their goals of improving the security of the company at the same time.

Date
Location
Las Vegas, Nevada, United States

Click on the Slides button above to view the built-in slides feature.

Slides can be added in a few ways:

• Create slides using Academic’s Slides feature and link using url_slides parameter in the front matter of the talk file
• Upload an existing slide deck to static/ and link using url_slides parameter in the front matter of the talk file
• Embed your slides (e.g. Google Slides) or presentation video on this page using shortcodes.

Further talk details can easily be added to this page using Markdown and $\rm \LaTeX$ math code.