Close Encounters of the Vulnerable Kind - A DevSecOps Odyssey

Embark on a DevSecOps odyssey with this 52-minute conference talk by Pranshu Bajpai, Principal Security Architect at Motorola Solutions Inc. Explore the most common DevOps security risks, including vulnerable dependencies, lack of verifiability, improper access control, and exposed pipeline configurations. Gain insights into creating a DevSecOps culture that emphasizes developer perspectives and enables security implementation. Learn about the importance of security champions, the critical balance of people, processes, and tools in DevSecOps, and how to separate vendor hype from reality. Discover real-world examples of vulnerabilities in modern DevOps practices, with anonymized screenshots and scenarios. Understand the significance of hardening pipelines, continuous monitoring, and integrating security naturally into the DevOps process.