E4. Oil and Water DO Mix: Implementing Compliant Change Management in a CICD Environment
Thursday, May 10, 2018
10:10 AM - 11:10 AM
The traditional Waterfall or Agile Scrum development methodologies were structured and methodical--and merged perfectly with traditional change management strategies. But in today's world, the Continuous Integration/Continuous Deployment (CICD) methodology can be great for fast-paced on-the-fly application development, but seemingly contradicts traditional change management solutions. CICD poses some difficult scenarios for the Security Practitioner and DevOps Professional trying to implement a change management solution that is fast, compliant and conflict-free. We have implemented a solution that achieves all three.
After completing this session, learners will:
- have knowledge of the typical CICD workflow
- understand what is required of a compliant change management program
- see how change management can work in a CICD environment
- made aware of the challenges involved with implementation
Joel Beckham is the Lead DevOps Engineer for BombBomb, based in Colorado Springs, Colorado. He graduated with a degree in Computer Science from University of Colorado and is an AWS Certified Solution Architect. He brings 15+ years of development and leadership experience to BombBomb.
Jason Harmon is the Security Program Manager for BombBomb, based in Colorado Springs, Colorado. Prior to BombBomb, Jason was the PCI Compliance Manager for Clickbank and an information security auditor for 7 years. Jason holds several certifications including CISSP, CISA, PCI-QSA and CCSK.