Discover a practical framework for scaling AppSec programs in this 31-minute DevSecCon talk. Explore common pitfalls in DevSecOps scaling, learn from Razorpay's experience, and gain insights into effective strategies. Examine topics such as build vs. buy decisions, security champion programs, and metrics for tracking success. Acquire valuable knowledge to overcome unique challenges in scaling AppSec and apply a useful model to your organization's security efforts.
Overview
Syllabus
Intro
About Sandesh
Agenda
Why DevSecOps fail
Caveats
Framework
Support for Scale
Drama
How did this work for Visible
Metrics to track
Business Intelligence
Build vs Buy
Collaborate
Scaling DevSecOps
Takeaway
Taught by
DevSecCon