Security has historically had to be an after-thought for developers. The need for speed and delivery means that misconfigurations and vulnerabilities can make it through the development pipeline, and they are often only fixed post-deployment.
Naturally, this can be costly and not only puts the business at risk but also negatively impacts developer productivity. As a result, many organizations now incorporate security into the software development process, shifting left with a DevSecOps approach.
However, there is a new trend in town - SecDevOps. But what exactly is it? In this episode of Day-to-Day DevOps, Helen Beal and guests are breaking down the new trend of SecDevOps, explaining how it goes one step further than DevSecOps and exploring why it considers information security as the number one priority, with measures needing to be taken before development even begins.
Join to hear how businesses - and DevOps teams - can implement developer-led security practices. Points of discussion will include:
- Why security should no longer be the sole responsibility of the security team
- Why organizations cannot buy their way into SecDevOps/DevSecOps; a ‘shift left' approach is as much a human initiative as it is a technical one
- The benefits of adopting SecDevOps practices
- How security professionals and developers can align expectations and practices
And more