Implementing DevSecOps: Lessons learned

Security doesn't happen in one place in the infrastructure or application life cycle. Instead, security must be addressed continuously across the application pipeline, infrastructure pipeline, and the supply chain. And all of these areas need to be continuously monitored. In this session, we'll: • Discuss how developers, operators, and security teams can achieve DevSecOps through automation, standardization, everything-as-code, centralized management and visibility, and automated security compliance. • Examine how this process provides built-in security in the application and infrastructure pipelines and secures the supply chain, in addition to monitoring, logging, and proactive security and automated risk management. • Share DevSecOps lessons learned from various Red Hat Innovation Labs residencies, including best practices, techniques, and tools that can be used to improve security while reducing the workload of security professionals, developers, operators, and managers. • Discuss how participating in a Red Hat Innovation Labs residency can be like implementing “DevSecOps-in-a-box." In other words, we’ll learn how Red Hat Innovation Labs residencies can help build a starting point for DevSecOps and help customers successfully adopt DevSecOps best practices. • Detail how Red Hat Innovation Labs residencies helped customers accelerate their adoption of automating security, development, and operations, all simplified by using Red Hat OpenShift Container Platform and Red Hat Ansible Automation. Speakers: William Henry, Senior Distinguished Engineer, Portfolio Architectures, Red Hat Lucy Kerner, Senior Principal Security Global Technical Evangelist and Strategist, Red Hat