ATO In A Day

Moving to the cloud means that you can implement changes to systems fast, but too many times delays happen because it takes too long to get the Authorization to Operate (ATO). By reevaluating the agency's Risk Management Framework (RMF), NGA has enabled its team to deliver software to the agency's mission at a faster pace never before possible. The presentation will describe the modified assessment and authorization process, the use of DevOps and Agile methodologies and the role of security automation to speed ATO.

Watch Now

Transforming Ellie Mae into a Technology Company

Guest Speaker, Anthony Johnson, Staff Engineer at Ellie Mae takes us through how he and his team are transforming Ellie Mae into a Technology company, not just a mortgage company.

View this presentation to learn why Ellie Mae choose Public Cloud, what to consider when building your own cloud strategy and how to implement automation and self-healing into your cloud security stack.

Watch Now

RSA 2015 Interviews — The Need for Cloud Security and Compliance Automation

Richard Stiennon, Chief Research Officer at IT Harvest, sits down with Tim Prendergast, CEO and co-founder of, to talk public cloud security and compliance and why an automated DevOps style approach is now required to keep up with the velocity of change in public cloud deployments.

Watch Now

How to Achieve PCI Compliance on AWS

You run a web business on AWS and you have a need to perform payment processing due to your specific business requirements. Whether you are selling subscriptions or shipping goods, there are both easy and hard ways to manage payments in a PCI compliant way.

In this video you will learn techniques and controls to address 12 key areas in PCI on AWS without making your life more difficult than necessary.

Watch Now

Limiting Access Rights On AWS

AWS Identity and Access Management is an great feature for providing access to AWS resources – but how do you manage those rights effectively?

In this video you will learn:

  • AWS IAM strategies for limiting your security exposure
  • A path to apply security to new or existing AWS infrastructure
  • How can help
  • Watch Now

    Compliance is Hard: Two Worlds at Odds

    DevOps and Compliance are two very different worlds. If your company is going to achieve attestation or certification, it’s usually the DevOps side of the house that has to give in.

    In his presentation from ChefConf 2015, John Martinez from discusses:

  • What compliance means to you as a DevOps practitioner
  • Areas where the two worlds collide
  • How to use DevOps and automation to your advantage in an audit
  • Watch Now