DevSecOps techniques give us the power of receiving rapid feedback and the ability to incorporate new information on an ongoing basis. However, challenges arise when the development pipeline must be established without connection to external networks. There are excellent reasons for doing this, including reducing security risks to systems and proprietary data, but a little more consideration is required to provide our teams on pocket networks the same benefits of an end-to-end DevSecOps pipeline implementation for our container application. We will draw on our practical experience...
Jennifer Hwe
Staff Engineer DevOps
Northrop Grumman
Jennifer Hwe is a Lead DevSecOps Engineer for Northrop Grumman and has been working in the industry for over 16 years. She has been a part of many teams such as development, quality assurance, operations and site reliability engineering as a DevSecOps engineer for a wide variety of companies (finance, entertainment, gaming, health care and marketing). Jennifer is very passionate about process automation, security vulnerability reporting and mitigation, containerization, and large scale application deployments.