— This is Part 2 of Load Impact’s Velocity NY Preview Series. Load Impact is chatting with some of the cutting-edge developers and executives who will be speaking at Velocity NY Oct. 12-14.
Build. Software. Faster.
Between DevOps, Continuous Integration and Continuous Delivery, it’s clear to see we’re all basically in a race to create life-changing software overnight.
What often gets lost in these conversations is the pesky little matter of security, and that’s what Pete Cheslock, senior director, operations and support at Threat Stack, is going to address in his cleverly named Velocity NY session: Why We Can’t Have Nice Things. A Tale of Woe and Hope for the Future.
“I’ve been in operations for more than 15 years, and security has always been an afterthought,” Pete said. “The focus is always on the product, stability and pretty much everything else.”
Threat Stack is working to change that through continuous security monitoring, and that’s a big part of what led to Pete’s appearance at Velocity.
Pete said he’s learned most of what he knows about security from working at Threat Stack, and the experience has showed him why companies should never make security an “afterthought” during the development process.
Unlike some abstract talks that focus on technical problems without offering solutions, Pete will give real examples of what InfoSec practices are working for successful software companies and give the audience an idea of how to implement simple processes that can go a long way toward preventing a breach.
The Continued Evolution of Software Development
Similar to the DevOps revolution a few years ago, Pete looks at the rising awareness of security in Continuous Deployment as a maturing relationship between tech professionals.
When developers used to add a bunch of features and functionalities to software, operators would worry about stability and push back. Now, DevOps are looking to push builds and updates faster than ever, so security is starting to push back a little more.
One of Pete’s goals for the presentation is to give some insight into how to build security measures into a Continuous Delivery pipeline and give everybody a little piece of mind without slowing down development sprints.
The dawn of the DevOps age has definitely streamlined software engineering, and Pete’s experience at Threat Stack has reinforced his belief that no matter what side of the development house you work on, you need to understand the entire landscape.
“The industry is moving too fast for operators to focus on one thing and only know that,” Pete said. “This presentation is basically an outline of my ‘come to Jesus meeting’ that showed me the way of InfoSec and showed me all the wrongs of my past.”