How to Get Started with DevSecOps

Presented by

Nabil Bousselham, Principal Solutions Architect @ Veracode

About this talk

As organizations adopt more and more on CICD practices to build, test and deploy their software applications, it becomes imperative that the software supply chain should be secured to prevent the deployment of code containing serious flaws and vulnerabilities that might put the business at risk. In this presentation, we will take a look at application security in general and why it’s important to have a professional Application security program. We will also put a spotlight on the importance of understanding from each team's perspective the new process and how different teams esp. development can shift left and validate the security of the code in highly automated environments like CICD. We will outline the challenges and benefits of the DevSecOps approach, and show some best practices on how organizations can easily integrate and automate AppSec testing & compliance into the SDLC.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (390)
Subscribers (31005)
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at