What is DevSecOps, and how can we embrace it as we continue improving our systems development cycle?
To answer this important question is Sean D. Mack, a transformational technology leader who has literally written the book, ‘The DevSecOps Playbook: Deliver Continuous Security at Speed’.
Appreciating the crucial role that security (at speed!) plays in your DevOps process begins with understanding company culture. It’s not so much about understanding the tools (“moving to the cloud”) as it is about the People, Process, and Technology.
All the stakeholders need to appreciate that prioritizing security upfront will save time and money in the long run. It’s not a case of security being something too hard to understand so you think that if it’s out of sight, it’s out of mind.
Ask yourself: what could go wrong if we don’t prioritize security? This is increasingly more prevalent with AI writing code and far fewer eyeballs on the software development process.
Learning how to begin with the end in mind, ask the right questions, and embrace collaboration are all key issues that Sean helps us to understand.
Getting things to market faster, better, and now more secure is sure to see DevSecOps gain traction as we learn that it’s not too complex a term to understand.
How we start employing it in our systems development cycles is something that (thankfully) Sean is giving us some great pointers for, straight from his playbook. Please join us.
“One of the things that’s important with dev sec ops (and powerful about it) is that it’s not just about security. It’s about secure at speed.” ~ Sean D. Mack
In This Episode:
- What is DevSecOps? How is it different to DevOps?
- How Sean helps businesses keep their businesses secure (People, Process, and Technology)
- Understanding process: begin with the end in mind
- How important is continuous deployment?
- What are the most costly mistakes of DevSecOps?
- The power of employing a DevOps coach (but not outsourcing the internal change needed)
- Building security into how we work, upfront
- How do non-technical stakeholders think about DevSecOps?
- How do we educate ourselves about DevSecOps?