Speaker

Vasiliy Fomichev

Sitecore MVP, VP, Digital Solutions at Altudo

Denver, Colorado, United States

Digital technology practice director, visionary, radical, yet open-minded and people-focused leader specializing in delivering solutions with Sitecore Content Hub, Sitecore Experience Platform, Sitecore Experience Commerce, artificial intelligence, cloud, and Blockchain. 8x Sitecore MVP with over 14 years of experience during which Vasiliy developed and managed four Sitecore practices.

Area of Expertise

  • Information & Communications Technology
  • Consumer Goods & Services
  • Media & Information
  • Health & Medical

Crafting rock-solid secure composable SaaS-based applications

Security has become one of the biggest concerns within organizations. With more companies moving towards distributed work, SaaS solutions, cloud, and microservices-based architectures, the added complexity of managing multiple solutions, projects, and virtual appliances introduces more room for malicious visitors to exploit. In this session, we will educate technology managers and architects on how to create a security-focused culture and design secure Sitecore SaaS applications with checks and balances that keep new-generation solutions secure.

We will dispel the myth of a tradeoff between security and rigidity and provide a blueprint for creating flexible, scalable, yet secure SaaS solutions for the new composable world.

Attendees will understand how to design secure, decoupled, disconnected, composable solutions in the cloud using Azure appliances. I will share the best practices and learnings from developing serverless, distributed, scalable applications. We will cover the full scope of security concerns and understand how to align IT and the CISO so that both teams can work closely together in creating a more secure SaaS infrastructure and, as a result, a more secure web application and organization. Those unfamiliar with security concepts will get tactical knowledge for getting started, and those who are interested in hardening security will get proven practical advice with tactics, design blueprints, and frameworks that focus on removing 80% of the security issues with 20% of the effort in the new composable cloud-based world.

Topics covered:

1. A brief introduction to enterprise security - understanding the theory behind secure SaaS applications and how security can be achieved through creating a security-focused culture and a well-oiled security engine with technology teams working together
2. Securing SaaS Solutions with DevSecOps - the rules and guides that deliver the most security value per dollar spent
   a. Solution Design and Implementation
      i. Secure network topology design in Azure
      ii. Securing MACH-based implementations
      iii. OWASP top 10, MITRE 25, team structures, peer reviews, threat modeling, OWASP Security Knowledge Framework
      iv. Secure coding rules for Headless SaaS development
      v. Top 10 rules for developing secure APIs for middle layers in SaaS
      vi. Hardening Sitecore headless solutions
   b. DevSecOps
      i. The nature of composable projects and complexity with multiple solutions
      ii. Managing multiple composable solutions and projects built using different technologies
      iii. Process and workflow optimization for multiple solutions; decoupled deployments of units of code
      iv. Stability and consistency with Infrastructure as Code
      v. End-to-end validation with the test pyramid
3. Putting it all together
   a. Reference solution for a new Sitecore composable implementation
   b. A pipeline blueprint for modern SaaS solutions with serverless functions, containerization, and Vercel hosting

The Agile Nirvana of DevSecOps and Containerization

Learn to design a truly agile Sitecore DevOps pipeline focused on delivering business value and eliminating manual overhead. Remove complexity, harness automation, and activate the right processes to reduce release cycles, increase security and release stability, and do all of that with transparency and traceability in place. See how a major healthcare services and research provider was able to make the shift towards DevSecOps.

----------------------------

Sitecore deployments are traditionally relatively expensive due to technological and architectural limitations. The introduction of a containerized hosting model is a game-changer in the Sitecore DevOps story. It allows DevOps teams to enable delivery security features and reduce deployment cycles through automation by activating DevSecOps strategies. This flexibility and cost-efficiency of containerized deployments allows DevOps and engineering teams to focus on and align around business value, rather than being handicapped by legacy technology and systems.

In this session, we will walk the attendees through the benefits of a DevSecOps pipeline to IT, development teams, and their business leadership, and show what it takes to migrate to the AKS-hosted infrastructure from an on-premises setup. We will present a reference design for an automated DevSecOps pipeline that focuses on security, quality, and speed. The session will cover the learnings from a major healthcare technology and research company that has gone through this shift and highlight the impact they experienced on the infrastructure, solution architecture, DevOps pipeline, processes, and internal resources:

Infrastructure: we will provide a feature overview of Azure vs AWS as it relates to a containerized Sitecore implementation, covering risks, cons, and pros associated with each and the cost estimation process for AKS.

Sitecore Topology: we will cover the steps for changing Sitecore's default AKS topology for maximum cost efficiency and flexibility.

DevOps pipeline: we will cover the automation that is required to move towards DevSecOps with environment creation via Infrastructure as Code, disaster recovery, and zero-downtime fully automated deployments to production.

Processes and team changes: we will present how the new DevSecOps pipeline will affect internal processes and what internal support team changes are required to continue managing the new infrastructure and release pipeline.
