Friction Free DevOps - How to Secure and Govern Silently
Patrick Pushor, Technical Evangelist, Orca Security
About this talk
Software developers are tasked with developing and releasing software at breakneck speed while security teams must have visibility into every workload that debuts to measure risk. Cloud security teams can't be autonomous as they depend on developers to install security agents to give them that very workload visibility. What's more is that security teams are drowning in non-prioritized alerts with little to no context which results in fatigue and distrust. How do we expect developers to be able to interpret such information? It's a relationship fraught with friction right from the start. Join me for an exploration of the challenge and some strategies we can leverage to reduce and even remove that friction entirely.