DevSecOps in Practice - Where Code and Design can go wrong
The world of software development has undergone a series of steps in its
evolution to its current form. Developers, security experts, and operations
specialists are combined to teams of DevSecOps entities which can solve any
problem the Universe can think of. That's the theory. The problems of
day-to-day inreractions are a lack of common language, still existing silos
of knowledge, less-than-ideal tools used in the software development cycle,
and continuous integration pipelines that still miss crucial errors in design
and logic. How can this happen? This presentation tries to give the audience
a look behind the scenes of code creation. It is a guided tour of teams,
metrics, and interwoven components at work.
Value for the audience:
Perspective of software development seen from Ops and Sec
Helpful hints for improving existing development teams
Outlook on common problems occuring in DevSecOps groups
Problems addressed:
How to deal with implementing dev, sec, and ops in existing teams; what needs to be addressed in terms of requirements, processes, and constraints
How to address the security of complex development environments
Discussion of security implications of cloud platforms and virtualisation technology in software development
Presented by:
René Pfeiffer
Company: SEC4YOU Advanced IT-Audit Services GmbH
Talk language: English
Level: Advanced
Target group: software developers, security experts, operations people (also known as system administrators), team leaders, Scrum masters, quality managers (i.e. testers), and everyone else involved in the creation of software
