DevSecOps is the buzzword du jour in the world of security. Organisations increasingly understand that if you transform development and embrace DevOps, you must transform security as well. Failing to do so would either leave you insecure, or make your security controls negate the speed you aimed to achieve in the first place.
So doing DevSecOps is good... but what does it even mean?
This talk unravels the different stages in the evolution of DevSecOps. It separates the term into securing DevOps technologies, methodologies and shared ownership, giving concrete examples of good and bad in each. In the end, you'll have the tools you need to choose your interpretation of DevSecOps, and choose the practices and tooling you need to support it.
Guy is a cofounder at Snyk.io, focusing on open source and cloud security. Guy was previously CTO at Akamai following their acquisition of his startup, Blaze.io, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker, the author of "Responsive & Fast”, “High Performance Images” and the upcoming “Securing Open Source Code”.