DevSecOps Automating Security in DevOps

A presentation at IPExpo Manchester 2019 in in Manchester, UK by Anant Shrivastava

In this talk, we shall focus on how a DevOps pipeline can easily be metamorphosed into a DevSecOps and the benefits which can be achieved with this. The talk will discuss a number of open source tools and also the cultural changes needed to implement DevSecOps. The talk will also present various case studies on how critical bugs and security breaches affecting popular software and applications could have been prevented using a simple DevSecOps approach.

What you will takeaway from this session:

  • Create a security culture amongst the already integrated “DevOps” team.
  • Find and fix security bugs as early as possible in the SDLC .
  • Promote the philosophy “security is everyone’s problem” by creating Security champions within the organisation.
  • Integrate all security software centrally and utilize the results more effectively.
  • Measure and shrink the attack surface.

Resources

The following resources were mentioned during the presentation or are useful additional information.

Buzz and feedback

Here’s what was said about this presentation on Twitter.