From the start, security has been a key priority for technology professionals who practice the grassroots principles of DevOps. However, even on teams which strive to adhere to DevOps practices, security concerns still take a back seat far too often. The more recent DevSecOps phenomenon does not represent a new idea (secure all the things!) but it does represent a renewed focus on the importance of security in the development lifecycle and its implications for all of downstream IT.

This session is for practitioners who want to understand and improve their ability to “shift left” in IT security. We will focus on the principles, processes, and technical skills necessary to make security and risk profiling a front-end priority: embracing a “quality first” mindset. It will also go into key ways in which the tools and automation that are the heart of DevOps must be secured to prevent them from being commandeered by bad actors.

Presenters:

Alan S Koch