Session Name: “Do you do that, or do I do that?”: How Security and Engineering Can Align For DevSecOps Success
It takes two to tango, and DevSecOps might be the most complicated dance both engineering and security leads have to learn in the next few years. So let’s talk about that, with me in the security corner and my co-speaker Larry Maccherone on the engineering side: How can you make DevSecOps work as a two-part team? With Larry leading DevSecOps transformation at Comcast, and my experience as a CSO at Cobalt and security lead in companies like eBay and Zynga, we can share many practical tips on how to lead the shift left effectively and how to get your teams to join along for the ride. We can speak to: (1) How to integrate feedback into each other’s workflows, (2) How to transition from manual to automated testing, (3) What metrics to track, and (4) How to build successful DevSecOps teams.
Caroline Wong is the Chief Security Strategist at Cobalt.io. Her close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well-known thought leader and has contributed content to LinkedIn Learning and Forbes. Caroline has been featured in multiple Women in IT Security issues of SC Magazine and was named one of the Top Women in Cloud by CloudNOW. She received a Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner’s Guide, published by McGraw-Hill. Caroline graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences and holds a certificate in Finance and Accounting from Stanford University Graduate School of Business.