Loading Events

« All Events

Secure DevOPs and Application Audit Conference

April 11 @ 8:00 am - 4:30 pm EDT

GWDC Member - $105, Other ISACA Member - $135, Non-ISACA Member: $150


This one-day conference covers application development and what you need to consider from a cyber security and audit perspective. It discusses how you ensure a secure development lifecycle in a digital environment and how you audit application development in your environment.


1. Plugging the Security Gap in DevOps with DevSecOps - Gaurav "GP" Pal

Government Agencies and Organizations are rapidly adopting cloud services. The advent of readily available automation services are transforming the way we respond to security and systems events at scale. As developers accelerate the pace and frequency of code deployments, the security and compliance teams must constantly play catch-up. The use of DevSecOps methodologies and technologies can help integrate security and compliance functions into the Continuous Integration/Continuous Delivery (CI/CD) pipeline. The combination of DevSecOps when supplemented by management best practices can yield optimal results to help organizations detect and respond to incidents faster.

The talk will cover the following topics -
1. Introduction to DevSecOps
2. Overview of industry standards for DevSecOps, technologies and integration points
3. Description of specific examples relevant to Security and compliance including management oversight The focus will be on practical examples to help create awareness of emerging practices and technologies on FedRAMP Accredited cloud services such as AWS and Microsoft Azure.

2. Topic & Presenter TBD

3. Topic & Presenter TBD

4. Topic & Presenter TBD

5. Topic & Presenter TBD

6. Topic & Presenter TBD

We are currently collecting submissions for topics and presenters for this conference. We will be updating this webpage as the information becomes available. If you are interested in being a presenter for this or for other upcoming conferences, please send your topic information for consideration to the GWDC Programs Director at programs@isaca-gwdc.org.



Who should attend?

  • Any professional in the Information Security / Assurance industry, including IT auditors, IT consultants, and general IT professionals with exposure to or looking to get exposure to cybersecurity initiatives.
  • Anyone that is already or anyone interested in getting involved with the ISACA CSX program.

AGENDA - Provided when the conference is finalized.



Gaurav "GP" Pal

Founder and CEO at stackArmor

Gaurav “GP” Pal is an award-winning Senior Business Leader with a successful track record of growing and managing a secure cloud solutions practice with over $30 million in annual revenues focused on US Federal, Department of Defense, non-profit and financial services clients. He successfully led and delivered multi-million-dollar Amazon Web Services (AWS) cloud migration and broker programs for US Government customers including the Department of the Treasury and the Recovery Accountability & Transparency Board (RATB) since 2009.

GP is the Industry Chair at the University of Maryland’s Center for Digital Innovation, Technology and Strategy (DIGITS). He has strong, relationship-based consultative selling experience with C-level executives providing DevOps, Managed Services, IaaS, Managed IaaS, PaaS and SaaS in compliance with US FedRAMP, FISMA, HIPAA and NIST Security Frameworks. He has a successful track record of delivering multiple cloud solutions with leading providers including Amazon Web Services (AWS), Microsoft, Google and among others.


DevSecOps Transformation, Senior Director at Comcast

Larry Maccherone is an industry-recognized thought leader on DevSecOps, Lean/Agile, and Analytics. He currently leads the DevSecOps transformation at Comcast. Previously, Larry led the insights product line at Rally Software where he published the largest ever study correlating development team practices with performance. Before Rally, Larry worked at Carnegie Mellon with the Software Engineering Institute (SEI) and CyLab for seven years conducting research on cybersecurity and software engineering. While there, he co-led the launch of the DHS-funded Build-Security-In initiative. He has also served as Principal Investigator for the NSA's Code Assessment Methodology Project, on the Advisory Board for IARPA's STONESOUP program, and as the Department of Energy's Los Alamos National Labs Fellow.

Speaker - #3

Title - TBD

 Bio - TBD


Speaker #4 - TBD

Title - TBD

Bio - TBD


Speaker #5 - TBD

Title - TBD

Bio - TBD


Speaker #6 - TBD

Title - TBD

Bio - TBD


Special Instructions

ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.

Presentations: Conference presentations will be included in the registrants' final event-related email message containing the CPE certificate and evaluation survey when permission is received from the presenter and their organization. In some cases, permission is not received.

Requests for Assistance: If you require assistance for an audio, visual, or other disability, please contact the Programs Director to discuss your needs, as soon as possible.  We need as much advance notice as possible to determine whether requests can be accommodated. Thank You.

If your organization is interested in being an event sponsor, please take a look at the five (5) various event sponsorship packages and click this sponsorship link to become a sponsor.

CPE Information

Earn up to 7 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.

CPE Distribution and Evaluation Survey

CPE's will be distributed via e-mail along with the event evaluation survey up to seven (7) business days after the completion of the event. Attendees must be present the full day to receive full CPE credit.

CPE-Related Details

  • Prerequisites and Advance Preparation: N/A
  • Program Knowledge Level: N/A
  • Delivery Method: Live in person event



GWDC Members: $105

Other ISACA Members: $135

Non-Members: $150

» Become an ISACA Member


We encourage early registration, as some events sell out.  

To register, click the green "Click to Register" button in the "Details" section below.



If you are unable to attend an event, you can cancel your registration. All cancellations must be received three days before the start of the course. A $15 cancellation fee is charged.

To cancel, access your payment confirmation e-mail message and click the UNREGISTER link.


April 11
8:00 am - 4:30 pm
GWDC Member - $105, Other ISACA Member - $135, Non-ISACA Member: $150
Event Category:
Event Tags:
, , , , , , , ,


Holiday Inn Rosslyn @ Key Bridge
1900 North Fort Myer Drive
Arlington, VA 22209 United States
+ Google Map
Please do not contact the venue directly regarding this event.