Improving Security while Reducing Toil with DevSecOps
DevOps is not just about deploying software, its about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody i …
| Talk Title | Improving Security while Reducing Toil with DevSecOps |
| Speakers | Paul Czarkowski (Developer Advocate, Pivotal) |
| Conference | KubeCon + CloudNativeCon |
| Conf Tag | |
| Location | Shanghai, China |
| Date | Jun 23-26, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
DevOps is not just about deploying software, it’s about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody is invested in, even your Developers and Operations Teams! In a previous role I utilized DevOps practices to lead a major transformation of the security and auditing practices of our team taking them from failure-prone manual repetitive tasks to fully automated unicorn status. This talk will outline the changes we made both technically and culturally to transform not only the security team, but the whole organization into treating security as a design goal rather than an afterthought. You’ll leave this talk with a solid grasp of the tools and techniques needed to knock down the silos around your security team and enter a utopian world of security first engineering.
