Upload
xebia-nederland-bv
View
422
Download
0
Embed Size (px)
Citation preview
The Security Challenge:
KPN's Practical Approach
for (IT) managers
Xebia Security
KPN
Largest Telecom and IT operator in NL
Consumer, Business, Corporate markets
Several international brands
18,000 employees, 500M€ profit
KPN Online
Most internet facing applications and apps
Open environment (www.kpn.com)
Selfcare environments (mobile & desktop)
Consumer and small business webshop
-2013: project based
Security requirements Penetration test
Afterfix Afterfix 2
Retest
2014: Agile transformation
Security & Agile?
Changing Responsibilies
Integrate security expertise
Split and simplify policies
Standardized Architecture
Security in SDLC
Threat modeling by design
Compliant Operation
Story
Code
Platform
Application
Operations
Apply best practices
SecDevOps: summary
Align Dev, Sec, Bus, And Ops
Standardize and simplify
Automate, automate, automate
Know your value
Attack yourself
Learn, teach and train
SecDevOps: more info
devsecops.org - “Secure Agile Manifesto”
Forrester- “The Seven Habits of Rugged Devops”
Event.io- “Ten Ways to Develop a Rugged DevOps Approach”
Just do it
Thank you, Q&A