DevSecOps for Managers, Executives, and Mere Mortals
DevSecOps isn’t meant for just Gods and Unicorns, it is for mere mortals as well. One of the challenges we have in using Application Security practices is where to start, how to get value, i.e., be successful with initial efforts, and how to build on that success. The world is being driven more and more by network-connected applications and services that are constantly under attack from the curious and malicious. By simply adding steps to your pipeline, you can iteratively add AppSec practices to your process and dramatically increase the security of your software. Join Tom as he lays out a plan for starting with AppSec including, where to start, how to achieve success and build on it. We will also talk about what to do after achieving initial success, where you should introduce AppSec in your development process, and where AppSec should go in your build pipeline. Finally, we will discuss what still needs to be done by a person and what skills they will need. The time is past for Application Security to be an afterthought that can be bolted on after the software has been written. Step into the new networked world of software where security is integral to how people will view your product. Strong application security has become table stacks for software.