Speakers
Synopsis
Cost is the most powerful driving factor of everything we do in a DevSecOps program (or anything in general) and yet, more often than not, focus is on well-discussed trilogy - People, Process and Technology. In this talk I will share my real-world approaches, experiences & learnings of a scalable DevSecOps program and provide the cost perspective to it. This talk will help the application security leaders to understand how they can optimize the limited resources to enable the developers to build the software faster, frequently and securely.
In today’s time everyone will agree and we have enough data to prove that
- Business demands software fast and frequent and secure
- Technologies are growing at unprecedented rate
- Organizations are operationally complex
- Software security skill gap is real
- Software security is tough
- Budget is limited
We have several good contents covering the significance of the well-discussed trilogy in software security - People, Process, Technology. In this talk, I will share an in-depth analysis of the cost aspect of a DevSecOps program and demonstrate strategies to optimize the limited resources to secure software faster and align with modern SDLC. This talk will provide the guidelines and learnings to application security leaders to devise and operationalize a DevSecOps program aligning with their organization's business needs. The content of this talk will be supported with real-world examples and techniques of cost optimization like automation, self-service security services, contextual analysis, and open source solutions usage.
