A Seat at the Table: Effective Security Collaboration in DevOps - AppSecCali 2019

Explore effective collaboration strategies for security professionals in the DevOps era through this insightful conference talk. Discover new skills, approaches, and techniques to engage with development teams before code is written. Learn how to adapt to the changing landscape of software development while maintaining a focus on security. Gain valuable insights on threat modeling, improving communication, and fostering diversity in the field. Understand the importance of soft skills, active listening, and assuming good intent when working with cross-functional teams. Delve into topics such as the Open Security Summit, design challenges, and the need for security to have a seat at the table. Examine practical tools like threat modeling and automated tests, and consider how to measure success in this new paradigm. Engage with thought-provoking questions on threat model training, elevation techniques, and the application of Maslow's Hierarchy of Needs to security practices.

Intro
Open Security Summit
Working Together
Dialogue is Fluid
Design is a Dirty Word
Seating is Limited
Security doesnt play at the table
What do we need
Threat modeling
Bringing people to the table
Threat modeling is a big tent
We still need soft skills
Soft skills are unnatural
Respect the person speaking
Active listening
Assuming good intent
Diversity
Thank you
Questions
Threat Model
Training
Elevation
Automated tests
Trap modeling
How to measure
Maslows Hierarchy of Needs
Soft Skills
Question