Large-Scale DevSecOps: Bringing Security Confidence to a Chaotic Development World
Implementing application security programs on a large scale can often seem chaotic and unwieldy. Without the proper knowledge to implement robust AppSec tools, DevSecOps on a large scale can be overwhelming. Additionally, with the countless number of customizable build, task-tracking, and CI integration systems available, many companies don’t know where to begin implementation of DevSecOps. Dennis Hurst will provide the knowledge necessary to wield powerful AppSec tools based on his experience with a variety of large corporate clients. He'll discuss common pitfalls and unique challenges with various tools (including static, dynamic, threat modeling, and architecture review) in the DevOps process. You'll learn what “the board” and C-level executives really care about in security, how to identify and track the right key performance indicators and program metrics, and what needs to be implemented before an application should be moved into production. Don’t get lost in the often-chaotic world of high-power DevSecOps initiatives; learn how to handle them well so you can appropriately protect your applications.