One Step Further: How to Prioritise Security with SecDevOps

Logo
Presented by

Helen Beal - DevOps Institute | Ricardo Ferreira - Fortinet | Ryan Sheldrake - Lacework | Cheryl Razzell - IFS

About this talk

Security has historically had to be an after-thought for developers. The need for speed and delivery means that misconfigurations and vulnerabilities can make it through the development pipeline, and they are often only fixed post-deployment. Naturally, this can be costly and not only puts the business at risk but also negatively impacts developer productivity. As a result, many organizations now incorporate security into the software development process, shifting left with a DevSecOps approach. However, there is a new trend in town - SecDevOps. But what exactly is it? In this episode of Day-to-Day DevOps, Helen Beal and guests are breaking down the new trend of SecDevOps, explaining how it goes one step further than DevSecOps and exploring why it considers information security as the number one priority, with measures needing to be taken before development even begins. Join to hear how businesses - and DevOps teams - can implement developer-led security practices. Points of discussion will include: - Why security should no longer be the sole responsibility of the security team - Why organizations cannot buy their way into SecDevOps/DevSecOps; a ‘shift left' approach is as much a human initiative as it is a technical one - The benefits of adopting SecDevOps practices - How security professionals and developers can align expectations and practices And more
Related topics:

More from this channel

Upcoming talks (10)
On-demand talks (45)
Subscribers (19609)
DevOps’s impact on software development - and on the bottom line - cannot be underestimated. Collaboration between development and operation teams is now considered the key for successful digital transformation, yet many practitioners believe that the full benefits of DevOps are yet to be uncovered or properly communicated. In this series, we will explore the challenges and opportunities DevOps presents, how best to realize them, and how to turn process into profit.