Menu

Virtual Session: DevSecOps — Whose Job Is It Anyway?

Now more than ever, the notion that security is everyone’s responsibility is starting to resonate across the entire IT team. But responsibility does not equate with ownership, let alone budget. Any project where “everyone is responsible” but no one owns it, and different people pay for it, is doomed. This is the conundrum facing us in DevSecOps.  

For the most part it is still the security team choosing the security tool. But more than ever using DevSecOps tools falls to the Development, Ops and DevOps teams. Whose budget does it come from. In a bit of keystone cop’s comedy, usually everyone points the finger at the other guy to pay for it. This is not a recipe for success. How can we change the fundamentals to make DevSecOps have a higher chance of success? 

In this virtual session, we'll look at the ways to create a culture that promotes a shared role in security. Plus, learn how to evaluate DevSecOps tools that can help your organization release more secure software. 

  1. What you can do to make sure you pick the right DevSecOps tools
  2. How can you instill a culture of security is everyone’s responsibility
  3. How to determine who “owns” the DevSecOps program
  4. Ulitmately release more secure software.

Speakers

Headshot

Alan Shimel Editor-in-Chief and Founder, DevOps.com and Security Boulevard

Headshot

Derek Weeks VP, Sonatype

Headshot

Harry Sverdlove Former CTO, Carbon Black and Founder, CTO, Edgewise Networks

Headshot

John Willis Co-author of DevOps Handbook

Headshot

Stephanie Derdouri Director Vulnerability Management & Information Security, Fannie Mae

← View more Videos

This document was retrieved from http://www.rsaconference.com/videos/virtual-session-devsecops-whose-job-is-it-anyway on Sat, 17 Feb 2018 20:04:59 -0500.