DevSecOps, Chaos Security, and Not Being Left Behind

Explore the evolution of cybersecurity practices and the imperative shift towards DevSecOps and Chaos Security Engineering in this keynote address from the Hack In The Box Security Conference. Delve into the limitations of traditional security approaches and discover how to implement an integrated strategy that aligns business teams, developers, engineers, and security researchers. Learn from a comprehensive case study and gain practical insights on successfully adopting DevSecOps methodologies to stay ahead of adversaries and avoid being left behind in the rapidly advancing world of cybersecurity. Benefit from the expertise of Eddie Schwartz, a seasoned industry leader, as he shares his experience and vision for a more collaborative and effective approach to product security, security by design, and SecOps.

Intro
Let's Talk About Product Security
Product Security Wasn't What You Think... . In the early days...The Rainbow
Common Criteria (CC) Secure Softwa Development Approach (ISO 15408)
What We Learned from Doing the Same So Long: Key Elements of Security By De
The Good and the Bad of the Old Wa
So, the Old Approach Seems OK, Righ
What Are Some key Differences?
DevSecOps - What is It?
DevSecOps: Plan and Create
DevSecOps: Preproduction and Rele
General Right-side Considerations