Explore the current landscape of DevSecOps in this comprehensive 52-minute conference talk from the RSA Conference. Gain valuable insights from Clint Gibler, Research Director at NCC Group, as he distills key tips, lessons learned, and tools from numerous blog posts and conference talks. Discover unique perspectives gathered from discussions with security leaders at companies with mature security programs. Delve into fundamental areas of modern application security programs, including threat modeling, secure code reviews, security training, building security culture, developing security champions, and implementing security scanning tools. Examine monitoring and logging practices in production environments, and understand how software moves from development to production in agile, CI/CD-embracing settings. Enhance your knowledge of network, infrastructure, and cloud security principles to stay ahead in the rapidly evolving DevSecOps landscape.
Overview
Syllabus
DevSecOps State of the Union
Taught by
RSA Conference