44CON 2019 has ended
Back To Schedule
Friday, September 13 • 14:00 - 14:59
Kyle Tobener & Alessandro Lapucci - Throw Open The Gates: Trading Control for Visibility

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As many enterprises shift to a cloud first business model, asset visibility can become increasingly difficult for security. Cumbersome gated approval processes, a security mainstay for years, are now quickly bypassed in the name of developer agility and growth. Security practitioners need new approaches that move at the pace of this new DevOps driven world.

In this session, we will tell the story of a simple premise: can we discard a cumbersome approval process, throw open the gates, and build visibility for security by offering free “backdoored” server resources to developers. We’ll share the context that lead to our premise, the tooling we built to facilitate the experiment, our success criteria, 3 years of practical experience running the program, and lessons learned.


Kyle Tobener

Kyle Tobener is a Director of Enterprise Security at Salesforce. He began his professional career as a zoologist but fled the jungle to return to San Francisco and focus on tech. His specialty now is application security, with a side dish of 3rd party vetting and contract negotiation... Read More →

Allessandro Lapucci

Alessandro is a Lead Software/Security Engineer with Security Compliance at Salesforce, where he develops internal automation tools and customer facing web applications. Born and raised in Italy, he lived in Ireland and California before recently moving to Switzerland. When he isn’t... Read More →

Friday September 13, 2019 14:00 - 14:59 BST
* Track 1 *