DevSecOps in Practice - Where Code and Design can go wrong

The world of software development has undergone a series of steps in its

evolution to its current form. Developers, security experts, and operations

specialists are combined to teams of DevSecOps entities which can solve any

problem the Universe can think of. That's the theory. The problems of

day-to-day inreractions are a lack of common language, still existing silos

of knowledge, less-than-ideal tools used in the software development cycle,

and continuous integration pipelines that still miss crucial errors in design

and logic. How can this happen? This presentation tries to give the audience

a look behind the scenes of code creation. It is a guided tour of teams,

metrics, and interwoven components at work.

Value for the audience:
Perspective of software development seen from Ops and Sec
Helpful hints for improving existing development teams
Outlook on common problems occuring in DevSecOps groups

Problems addressed:
How to deal with implementing dev, sec, and ops in existing teams; what needs to be addressed in terms of requirements, processes, and constraints

How to address the security of complex development environments

Discussion of security implications of cloud platforms and virtualisation technology in software development

Presented by: René Pfeiffer
Company: SEC4YOU Advanced IT-Audit Ser­vices GmbH

Talk language: English
Level: Advanced
Target group: software developers, security experts, operations people (also known as system administrators), team leaders, Scrum masters, quality managers (i.e. testers), and everyone else involved in the creation of software

Partner der Konferenz 2022

ASQF e.V ATB - Austrian Testing Board coderskitchen dpunkt.verlag GmbH Fortiss GmbH GTB - German Testing Board Heise Medien GmbH & Co. KG iSQI GmbH IT Verlag für Informationstechnik GmbH SIGS DATACOM GmbH TU Wien, Institut für Information Systems Engineering, CDL-SQI WKO - Wirtschaftskammer
Loading...