At DevOps Enterprise Summit 2021, Virtual – US, on October 5-7, 2021, together with Colin Bell and Robert Cuddy, I spoke on the topic “Making It Easier to do the Right Things: Govern, Measure and Audit DevSecOps”.
Our talk was on October 5th, 2021. Here is the abstract of the talk:
DevSecOps is more than just getting security testing integrated into a pipeline and using the results to influence flow. Real success with DevSecOps comes when you are able to identify and measure critical aspects of your risks as well as your security controls and functions. It means that you have governance that enables and encourages the right behaviors – not just inhibits bad ones – and you have an audit function that can measure this success. It also means you are able to incorporate and include security-related information from all parts of the SDLC – including threat, design, testing and at runtime.
Many places have achieved higher degrees of automation and education within their DevSecOps initiatives; however, this needs to be an improving and continuous cycle. Taking it to the next level involves intensifying these efforts with accurate threat analysis, secure design, measuring, governance and audit. Join us as we share insights on how organizations are moving beyond DevSecOps and more towards real Continuous Security.
Details and links, including a link to the video, are below:
Dragan Pleskonjic, Colin Bell, Robert Cuddy: “Making It Easier to do the Right Things: Govern, Measure and Audit DevSecOps” – October 5, 2021