Building Security In - DevSecOps Approach for Agile Development

Discover a comprehensive DevSecOps approach in this 33-minute conference talk. Learn about Comcast's seven-part strategy for integrating security into the DevOps process, focusing on automation, speed, and team ownership of the end-to-end product security lifecycle. Explore the importance of executive sponsorship, artisanship, SDL, and tooling in building security into the development process rather than bolting it on. Gain insights on why focusing on DevOps teams is crucial while ensuring other teams are not left behind. Understand how making security the easy choice is not only the right thing to do but also critical for success. Dive into topics such as security practices, inspection and adaptation, frameworks, principles, SDL, maturity models, community building, training, craftsmanship, and top 10 practices. Enhance your understanding of DevSecOps and its implementation in large-scale environments.

Intro
Security Practices
Inspect and Adapt
Framework
Principles
SDL
Maturity Model
Community
Training
Craftsmanship
Top 10 Practices
Questions