Session Name: No Silos: Building and Effective DevSecOps Program
It doesn't matter if you call it DevOps, DevSecOps, or Rainbow Monkey Unicorn Pony - security is an integral part of the software development lifecycle. Even though we understand this, it's often difficult to know how to start building an effective DevSecOps program. This presentation will address four pillars of a successful application security program: Analysis, Validation, Observation, and Enablement and how they enable an organization to develop, deliver, and deploy applications from an idea to a customer facing environment. We'll discuss how to roll out a collaborative DevSecOps program on an enterprise scale, what pitfalls to watch for, and how an engineering first mindset can help you and your teams be successful.
DJ is a DevOps pioneer, and DevSecOps Advocate in the Healthcare industry and provides thought leadership to organizations looking to integrate security into their DevOps practices. He comes from a practitioner background and specializes in architecting DevSecOps pipelines, automating security in DevOps environments, and breaking down organizational silos that inhibit the delivery of safer software.