One Step Further: How to Prioritise Security with SecDevOps

Logo
Presented by

Helen Beal - DevOps Institute | Ricardo Ferreira - Fortinet | Ryan Sheldrake - Lacework | Cheryl Razzell - IFS

About this talk

Security has historically had to be an after-thought for developers. The need for speed and delivery means that misconfigurations and vulnerabilities can make it through the development pipeline, and they are often only fixed post-deployment. Naturally, this can be costly and not only puts the business at risk but also negatively impacts developer productivity. As a result, many organizations now incorporate security into the software development process, shifting left with a DevSecOps approach. However, there is a new trend in town - SecDevOps. But what exactly is it? In this episode of Day-to-Day DevOps, Helen Beal and guests are breaking down the new trend of SecDevOps, explaining how it goes one step further than DevSecOps and exploring why it considers information security as the number one priority, with measures needing to be taken before development even begins. Join to hear how businesses - and DevOps teams - can implement developer-led security practices. Points of discussion will include: - Why security should no longer be the sole responsibility of the security team - Why organizations cannot buy their way into SecDevOps/DevSecOps; a ‘shift left' approach is as much a human initiative as it is a technical one - The benefits of adopting SecDevOps practices - How security professionals and developers can align expectations and practices And more

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (147)
Subscribers (31129)
Fortinet (NASDAQ: FTNT) makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 530,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone. Learn more at https://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.