The Future of DevSecOps

This talk starts with a brief history of how security and DevOps have evolved and covers key problems with the current approach. The remainder of the talk explores what the future of DevSecOps has to look like in order to solve security as a whole.

This talk provides a brief history of how development, operations and security testing have become highly complex. It continues to outline the key problems with traditional security solutions and why in 2020 companies around the world are still figuring out a good way to manage security as part of rapid development cycles. Specifically, the big challenge of introducing and fixing new security issues versus tackling the existing security dept of existing applications.

To quote Bishop Desmond Tutu, “There comes a point where we need to stop just pulling people out of the river. We need to go upstream and find out why they’re falling in.”

After setting the stage, the remainder of the talk will focus on the paradigm shift that security solutions have to incorporate in order to solve the problem of sustainably secure applications on all layers. This will explore how the elements of Speed, Just in time training, and Data science have to be leveraged to empower development teams around the globe to get ahead for once and finally become able to move fast and be safe at the same time.

The 3 core takeaways for the audience are:

1.) Where security practices have gone wrong so far.

2.) What new technologies will cause a paradigm shift in how security is applied at scale.

3.) How security will look like in 5-10 years.