DevSecOps: What, Why and How
Security is often added towards the end, in a typical DevOps cycle through a manual/automated review. However, with DevSecOps, security can be injected at every stage of a DevOps pipeline in an automated fashion. Having a DevSecOps pipeline enables an organization to:
- Create a security culture amongst the already integrated “DevOps” team
- Find and fix security bugs as early as possible in the SDLC
- Promote the philosophy “Security is everyone’s problem” by creating Security champions within the organization
- Integrate all security software centrally and utilize the results more effectively
- Measure and shrink the attack surface.
- How a DevOps pipeline can easily be metamorphosed into a DevSecOps and the benefits which can be achieved with this transformation.
- Assisted with various demos, how to develop a DevSecOps pipeline using free/open-source tools in various deployment platforms, i.e. on-premise, cloud native and hybrid scenarios.
- The cultural aspects of DevSecOps and the changes needed to get tangible benefits.
In this webinar you will learn:
The webinar will also present various case studies on how critical bugs and security breaches affecting popular software and applications could have been prevented using a simple DevSecOps approach.
To watch the recording click the button below
Speaker: Anant Shrivastava
Anant Shrivastava is an information security professional with over 11 years of expertise in Network, Mobile, Application and Linux Security. He is Regional Director - Asia Pacific for NotSoSecure, a Claranet group company. He has trained over 800 delegates at various conferences including Black Hat -USA, ASIA, EU, Nullcon and many more.
He has also been a speaker at various conferences such as Nullcon, c0c0n, Rootconf, plus leading an Open Source project Android Tamer (www.androidtamer.com) and CodeVigilant (www.codevigilant.com).
He is active in various open security communities like OWASP, null, G4H. He is chapter leader for local null community chapter and is an avid open source contributor. He is a contributing author for OWASP Web Testing Guide v4.0 and a reviewer for Mobile Testing Guide and Mobile ASVS standard documents by OWASP. His work can be found at anantshri.info.