Agile + DevOps East 2019 Concurrent Session : Build It, Buy It, or Both? An Engineering-Focused Approach to Security Tooling


Thursday, November 7, 2019 - 3:30pm to 4:30pm

Build It, Buy It, or Both? An Engineering-Focused Approach to Security Tooling

Add to calendar

The technology market is growing faster than the security tooling market that supports it. This puts security teams in difficult situations where the available tooling may only provide a partial solution to critical problems, so you may wonder: Do we buy it, build it, or both? This led Michelle Hodges's company to build an internal agile development team dedicated to creating custom security tooling for the various groups within the security and privacy organization. In weeks, they produced live products that enabled them to process data, show metrics, and automate work pipelines, all within one centralized location accessible by internal employees. In addition to saving money, they increased user experience by eliminating the exhaustion of managing various external tools. Join Michelle to learn what factors to consider when determining whether you should buy a tool or build one from scratch. You'll discover what tooling you need to deliver the right solutions rather than solutions that are just good enough.

Michelle Hodges
Red Ventures

Michelle Hodges is an engineer at Slalom Build and is the president of Women Leaders in Tech, a nonprofit organization she founded to shift perspectives on gender biases in tech. After managing operations at a fast-growing IT startup, Michelle fell in love with the tech industry and delved deep into learning back-end engineering. She's dabbled in writing back-end services and tools in Go, C#, NodeJS, and Python, while also touching front-end frameworks such as React and Redux. Shortly after becoming a software engineer, Michelle was introduced to the notion of DevOps and immediately became impassioned with the world of automation and serverless infrastructure. She has decided that building and securing infrastructure in the cloud will be the main focus of her career. In 2018, Michelle and her husband created an open source application, hideNsneak, that assists penetration testers in deploying mass amount of cloud infrastructure for red teaming purposes.