Overview
Explore the principles of DevSecOps in this 22-minute conference talk from Derbycon 2019. Dive into the software development lifecycle, learning how to integrate security at every stage. Discover the importance of portability, agility, and continuous testing. Understand why security should be treated as code and how complexity impacts security. Gain insights on scaling security practices, fostering a security-conscious culture, and empowering developers to take pride in secure coding. Learn strategies for effective integration, training, and thinking like an attacker. Explore the value of trust, verification, and feedback in building robust DevSecOps practices.
Syllabus
Introduction
Software Life Cycle
Portability
Agile and DevOps
DevSecOps
Software Development Lifecycle
Test Everything
Security is Code
Security is Complexity
Scale
You are secure
Security is everyones responsibility
Developers want to be proud
Integration
Training
Training Budget
Think like an attacker
Get volunteers
CTF team
Trust
Verification
Feedback
Question