AWS Security Automation and Orchestration (SAO) - DevOPs and SecOPs

Monday, May 7
2:05 PM - 2:50 PM
Location: Salon B/C

Governments, enterprises and organization are striving to keep up with the current threat landscape, security and compliance of regulated workloads which rely on too many manual processes, while at the same time struggling with a lack of resources, skills and budgets.

Security and risk management leaders continue to labor over “How” do they secure current, legacy and cloud resources within their limited constraints. In addition to these current trends, the security industry has historically created, installed and operated many products to protect against threats, risks and breaches which do not communicate with each other. The result is overworked, understaffed and miss-management of key security solutions and services across all environments. (e.g. on-premise, cloud and hybrid).

About the Presentation
This presentation is designed to teach how to leverage AWS Security Automation and Orchestration (SAO) processes to constraining, tracking, publishing continuous security configurations, integration, deployments and treatments which can be certified against common security frameworks (e.g. PCI, FedRAMP, DoD CC SRG, IRS 1075, etc.). The SAO process will facilitate the orientation and association of DevOps and Security practices, changes and coordination of Continuous Integration (CI), Continuous Delivery (CD) and Continuous Risk Treatment (CRT) of an AWS account or multiple accounts.

What will I gain from attending this class?
Attendee will learn how to design, innovate and advance continuous configuration automation (CCA) solutions from AWS services and Amazon Partner Network technology solutions from both DevOps partners (e.g., Chef, Puppet, Ansible etc.) and Security partners (e.g. Splunk, Anitian, CloudCheckr, CIS, etc.) to build an end to end automation capability for regulated and auditable workloads.

This presentation is intended for:
AWS Security Practitioners, Consultants, and Managed Security Service Provider (MSSP) which secure, audit, govern and/or test an organization’s AWS IT services.

Tim Sandage

Senior Security Partner Strategist
AWS World Wide Public Sector

Tim is an experienced Security and Privacy professional with extensive experience helping organizations solve business problems as they relate to risk and compliance management, privacy and security. At AWS, Tim is responsible for global security partner strategic alignment of AWS services in support of current and future security/compliance capabilities. Tim is also an active external customer advisor on multiple security verticals, public policy organization and standard bodies within the United States, EMEA (Europe, Middle East & Africa) and Asia-Pacific as it relates secure cloud computing adoption.


Send Email for Tim Sandage

Kathleen Patentreger

Senior Vice President of Programs
Center for Internet Security (CIS)

As Senior Vice President of Programs, Kathleen Patentreger oversees the CIS Benchmarks content development, and the CIS hardened images development teams. The teams use a consensus-based approach to develop configuration standards for a wide variety of technologies that include operating systems, desktops, web browsers, network devices, mobile devices, as well as virtualization platforms and cloud services. The unique process allows CIS to bring together security experts from all around the world to develop standards that accepted by government, the business industry and academia. The configurations are applied to images built for cloud platforms. These hardened images are made available to organizations to streamline the process of setting up secure environments in the cloud.

Prior to working with the Benchmarks teams at CIS, Kathleen managed engagement teams for the MSISAC to develop products in collaboration with security professionals from states and local governments to assist governments to train staff, implement security programs and educate officials about cybersecurity. Kathleen was also responsible for the team that developed and deployed the National Cyber Security Review at CIS that has become an important tool to the states to assess their cyber readiness.

Before joining CIS five years ago, Kathleen had many years of experience developing and supporting application software. Most recently, working with hospitals to implement HIPAA compliant systems and programs.


Send Email for Kathleen Patentreger


AWS Security Automation and Orchestration (SAO) - DevOPs and SecOPs

Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for AWS Security Automation and Orchestration (SAO) - DevOPs and SecOPs