LASCON 2018

The best DevSecOps practices are built alongside strong DevOps practices. However, DevSecOps processes and tooling are often decided within a security silo, rather than by a DevSecOps collective. Security ends up more integrated and efficient than in the past, but the approach is still “bolt-on” and not ultimately streamlined.
Collaboration between security and other DevOps groups around roadmaps and sharing of resources can lead to greater efficiency and innovation, while better supporting the value stream.
This talk will discuss foundational considerations when building a DevSecOps practice. You will learn about the top prerequisites for a successful DevSecOps practice – most of which are provided by groups other than security; and we’ll discuss case studies, both from organizations who have embraced DevOps as a foundation for DevSecOps, and those who haven’t. Attendees will walk away with questions to ask their counterparts in DevOps to understand current DevOps maturity and where security can leverage existing and planned DevOps resources to enable effective DevSecOps.