2020 National Cyber Summit

Summit Speaker Trevor Vaughan

Session Information

Practical Regulatory-Focused DevSecOps
Thursday, June 6, 2019 3:15 p.m. - 4:00 p.m.
This session provides the audience with a look at the confluence of tools, procedures, and methodologies focused on meeting regulatory compliance requirements in a provable and understandable manner.

The presentation uses the NIST Risk Management Framework lifecycle focus of the System Integrity Management Project as open sourced from the NSA (https://github.com/NationalSecurityAgency/SIMP) as a working example of the technical reality of a project workflow. This is combined with references to both Federal and Commercial policies that routinely affect operational workflows and time to operational deployment.

The audience should walk away with an understanding of how, regardless of cloud or local environment, they can better integrate their development, security, and operations teams through a flexible but rigorous approach to product and system development.
Von Braun Center - South Hall | Ballroom 2
Trevor Vaughan photo
Trevor Vaughan
Vice President Engineering
Onyx Point, Inc.
One of the co-founders of Onyx Point, Inc., Trevor has been working in various systems administration and automation related fields for over 20 years. Recently, he has been focusing on automated compliance for Federal and commercial systems and helped start the open source System Integrity Management project to help provide that capability to the widest audience possible.