Session Name: Open Source DevSecOps: GitOps for Detection Engineering
Detection engineering is a key aspect of modern security operations, but implementing effective detection strategies can be complex and time-consuming. This talk will introduce an open-source GitOps framework that enables security teams to manage their detection rules and policies efficiently. GitOps is a methodology that streamlines the management of infrastructure and applications using configuration files managed in Git as the source of truth. With GitOps, teams can version control their entire detection infrastructure, including detection rules, alerts, and remediation workflows. The open-source GitOps framework we will discuss offers several advantages for detection engineering. First, it allows security teams to collaborate and manage their detection infrastructure in a more agile and effective manner. Second, it provides greater transparency and auditability, enabling teams to track changes to their detection infrastructure over time. Third, it enables automated deployment of detection rules and policies, reducing the risk of human error and improving the speed of response to security threats.
Zach is a serial entrepreneur, engineer, co-founder and CTO of Fleet, where he works to unlock the full potential of osquery for enterprise and open-source customers. He brings the vision and experience of co-creating and working with osquery since the earliest design documents at Facebook in 2014. He has served as a member of the Linux Foundation osquery Technical Steering Committee since its inception in 2019. Prior to Fleet, Zach founded open-source security consultancy Dactiv, and co-founded endpoint security company Kolide. Zach graduated Summa Cum Laude with a BSE in computer science from the University of Pennsylvania where he conducted wireless security research and lectured on the Python programming language.