Victoria Almazova

Victoria Almazova

Sr Security Architect
Microsoft

Title: The Practical Side of DevSecOps

Abstract: DevOps practices are in a place; containers are everywhere, pipelines are flying. We do Agile. We do DevOps. Now we try to follow security practices for protecting the deployed resources, too. This is a reason why DevSecOps is not hyped anymore and is gaining more prominence. There is a lot of information about DevSecOps, but how to do it properly? Where to start? What are the best practices?

This session will walk through an end-to-end scenario where we will deploy infrastructure components securely to Azure using Azure DevOps and GitHub with security tools. We will build a pipeline with security to protect and detect potential security flaws during the build.

You will learn:

  • How to build an end-to-end CI/CD pipeline that builds the application and deploys infrastructure on Azure with security checks for the application, containers and infrastructure;
  • What are the security tools available for CI/CD pipeline, and how to implement them in the best way;
  • Best practices and patterns of integrating security in pipelines and protecting pipelines.

Bio: Victoria believes that empowering developers and architects in security tasks through education will increase security levels without increasing workloads. As a security expert with more than 15 years of experience, she’s worked in different business areas challenging different security states with her unique viewpoint and sense of humor. Although Victoria is passionate in all security areas, the most significant interest lies in DevSecOps, cloud security Identity and access management. In her belief Zero Trust and a heavy focus on security in development by shifting it left are the way to go.

You can find her either working for Microsoft and helping customers or on a stage, where she shares security practices sometimes in an opinionated and humorous way.

When Victoria not occupied with security things, she is either in the mountains exploring beautiful Norway or running as both are the biggest passions after the security.