Explore the concept of "Shifting Engineering Right" in this 45-minute LASCON conference talk. Learn how security engineers can enhance their skills by adopting DevSecOps principles and collaborating with development teams. Discover strategies for building customer-facing security features, unlocking additional revenue, and fostering bidirectional knowledge transfer between teams. Gain insights into practical security decisions, fixing small bugs, and making projects successful. Delve into topics such as metrics, forced MFA, writing software design docs, and effective documentation. Understand the importance of joining other teams, learning new skills, and working closely with developers to create a meaningful security/engineering partnership.
Shifting Engineering Right - Security Engineers Learning from DevSecOps
Overview
Syllabus
Intro
DevSecOps
Security Engineering
Learning from Software Engineers
Practical Security Decisions
Fixing small bugs
QR tips
Fix small bugs
You have value
How to make your project successful
How to get funding
Metrics
Forced MFA
Writing software design docs
Reference docs
Glossary
Requirements
Work breakdown
Joining other teams
Learning new skills
Writing good documentation
Work with devs
Taught by
LASCON
