Americas Keynote: Security Learns to Spring: DevSecOps
Offered By: Pluralsight
Course Description
Overview
This talk will argue that DevOps could be the best thing to happen to application security since OWASP if developers and operations teams are enabled to make security a part of their everyday work.
This talk will argue that DevOps could be the best thing to happen to application security since OWASP if developers and operations teams are enabled to make security a part of their everyday work. With a ratio of 100/10/1 for development, operations, and security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products instead of trying to do it all themselves like they did in days past. We must build security into each of “The Three Ways;” automating and/or improving efficiency of all security activities to ensure we don’t slow down developers, speeding up feedback loops for security related activities so that we fix the bugs faster and sooner, and providing continuous learning opportunities in relation to security for both teams. Security can no longer be a gate or stumbling block, and "adding security in" can no longer be used as a justification for project delays. If developers are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps.
This talk will argue that DevOps could be the best thing to happen to application security since OWASP if developers and operations teams are enabled to make security a part of their everyday work. With a ratio of 100/10/1 for development, operations, and security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products instead of trying to do it all themselves like they did in days past. We must build security into each of “The Three Ways;” automating and/or improving efficiency of all security activities to ensure we don’t slow down developers, speeding up feedback loops for security related activities so that we fix the bugs faster and sooner, and providing continuous learning opportunities in relation to security for both teams. Security can no longer be a gate or stumbling block, and "adding security in" can no longer be used as a justification for project delays. If developers are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps.
Taught by
DevSecCon
Related Courses
MongoDB for .NET DevelopersMongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera