Pragmatic Security for SRE

Due to the evolving Coronavirus/COVID-19 situation, SREcon20 Americas West has been rescheduled to June 2–4, 2020.
More information is available here.

Wednesday, March 25, 2020 - 11:30 am12:20 pm

James Wickett,


All organizations want to go faster and decrease friction in delivering software. The problem is that InfoSec has historically slowed this down or worse. But, with the rise of software delivery pipelines and new DevSecOps tooling, there is an opportunity to reverse this trend and move InfoSec from being a blocker to being an enabler.

This talk will discuss hallmarks of doing security in an SRE context with a particular focus on the software delivery pipeline. This is not a theory talk, but it has an emphasis on being pragmatic. At each phase of the software delivery pipeline, you will be armed with philosophy, questions, and tooling that will get security moving at the speed of your SRE organization.

James Wickett,

James is a dynamic speaker on software engineering topics ranging from security to development practices. He spends a lot of time at the intersection of the DevOps and Security communities, and seeing the gap in software testing, James founded the open-source project, Gauntlt, to serve as a Rugged Testing Framework.

James works as a Sr. Security Engineer and Developer Advocate at Verica and is he is the author of several courses on DevOps and DevSecOps at LinkedIn Learning. His courses include DevOps Foundations, Infrastructure as Code, DevSecOps: Automated Security Testing, Continuous Delivery (CI/CD), Site Reliability Engineering, and more.

James is the creator and founder of the Lonestar Application Security Conference, which is the largest annual security conference in Austin, TX. He also runs DevOps Days Austin, DevSecOps Days Austin, and Serverless Days Austin.

@conference {247338,
author = {James Wickett},
title = {Pragmatic Security for {SRE}},
year = {2020},
address = {Santa Clara, CA},
publisher = {{USENIX} Association},
month = mar,