Explore DevSecOps implementation strategies in this comprehensive conference talk. Learn how to integrate security into DevOps processes, overcome cultural clashes between security and development teams, and leverage existing tools and workflows to enhance your organization's security posture. Discover techniques for automating security measures, handling incidents in production, and shifting security left in the development lifecycle. Gain insights into trunk-based development, incident response protocols, and effective crisis management. Understand the differences and similarities between operations and security functions to create a more cohesive DevSecOps approach, even with limited resources.
Overview
Syllabus
Introduction
Why DevSecOps
Complicated Domain
Solving Problems
Complex vs Complex
Incidents in Production
Pre DevOps Deployment Workflow
No Security Team
Live Off The Land
Have the devs build it
Trunkbased development
Incident response
How to find out
How to handle a crisis
Automate
Operations vs Security
Shifting Security Left
Taught by
NDC Conferences
