From Zero To Hero: Continuous Container Security in 4 Simple Steps

Containers are shaping the way organizations are developing and managing applications nowadays. However, many are not always fully aware of the measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security aspects. The mindset of securing our applications needs to be shifted – to continuous security. In this session, Shiri Ivstan, Product Manager at WhiteSource, will discuss:


1) the main security challenges organizations face when using containers;

2) the most common layers in a typical container deployment; and

3) 4 simple steps to build security into each layer.

    Container Security at the Speed of CI/CD

    DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal - Office of the CISO at AWS, as he discusses and shows:

    - how public cloud technology enables you to fully embrace security automation in your infrastructure
    - how to account for security using managed security services to detect incidents and risks at scale; as well as
    - techniques like automated incident response actions and automated instance isolation.

      Security vs Developers - How to Make DevSecOps Work Together


      DevSecOps has taken the world by storm. Ever since the DevSecOps philosophy stepped into the limelight in the past few years, a growing number of organisations have been trying to ensure their businesses are set up with security in mind (and in practice) from the get-go.
      In theory, the concept is great. In practice? Less so, given that the objectives and mindset of developers and security teams completely differ. While Security’s objectives are focused on ensuring a secure SDLC from start to finish, developers are focused on software development and meeting their deadlines. Despite both aspects being equally important, these teams are struggling to find common ground.

        What does a high performing technology delivery team look like? How do you know if your team is doing well? While there have been many widely reported and shared surveys on technology delivery team behavior that define the metrics for high performers (Puppet State of DevOps Report 2019, 2019 Accelerate State of DevOps), at CircleCI we are privileged to have the vantage point of being able to review truly massive amounts of data on how technology delivery teams are behaving in the wild. Our cloud continuous integration and continuous delivery platform processes over 1.6 million job runs per day for more than 40,000 organizations and over 150,000 projects. We analyzed the data from 30 million workflows* to see how observed behavior compares to reported industry standards.

        Our results show that continuous integration (CI) provides a clear path to becoming a high performing team:

        • Teams using CI are incredibly fast: 80% of all workflows finish in less than 10 minutes.
        • Teams using CI stay in flow and keep work moving: 50% of all recovery happens in under an hour.
          • 25% recover in 10 minutes.
          • 50% of orgs recover in 1 try.
        • Highly efficient CI tooling is in service to the needs of your business, not the other way around. Pipelines are flexible and changes to them are successful: 50% of projects never had a failure when pipeline changes were performed during the 90 days of observation.
        • If you are looking for a path to engineering success, focusing on CI will deliver results.

        Download the report to learn more.


          There are many reasons teams get stuck in the process of adopting DevOps. Now Rob Zuber, CircleCI CTO, brings an inspiring and practical guide to moving your team further up the DevOps maturity ladder, regardless of where you are now.

          In this ebook, Rob brings two decades of experience leading teams to work for you, with practical takeaways and strategies that work for real-world teams, from startups to enterprise companies. Learn:

          • Common obstacles teams face when moving to DevOps
          • How to get past these blockers, and how to 'sell up' the chain of command

          • Practical tips you can employ today to make a difference in your team's delivery speed and reliability


            Software testing is a key factor in shipping reliable, high-quality code, but getting your team on board can be a challenge. In this info-packed ebook, CircleCI's June Jung calls on her years of experience as an engineering leader and in-demand DevOps consultant to show teams:

            • What tools they need to do testing right, and how to set them up.
            • How thinking of test environments as concentric scopes of responsibility can help you make your tests more efficient, thorough, and economical.
            • Valuable testing shortcuts, such as mocking, stubbing, and contract testing.
            • In-depth explanations of test-driven development and behavior-driven development, and how they can benefit your team's workflow.

            Shipping great products isn't just about writing good code. If you want confidence in your code, knowing how to properly test it is key. Download this guide today and ship more confidently tomorrow.