DevSecOps Success: What's Team Metrics Got to Do With It?
Ryan O'Boyle, Product Security Director, Veracode and Kenneth G. Hartman, Instructor, SANS
About this talk
Ryan O'Boyle and Kenneth G. Hartman discuss the role of DevSecOps metrics in determining effective objectives and key results (OKRs) and making data-driven decisions. They will discuss example metrics related to SAST and DAST scanning and code provenance and demonstrate how to calculate these metrics as a natural part of the DevSecOps workflow. You will learn how to:
- Devise metrics that focus the DevSecOps team’s efforts on the biggest impacts
- Maximize team member buy-in
- Minimize unintended consequences
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.…