Whether you’ve already implemented the principles of DevSecOps and are looking for some top tips, or are part of a team that hasn’t historically used an SDLC and is looking to adopt these practices for the first time, this discussion will bring you valuable advice and best practices from our panel of experts.
What did we discuss?
Identifying and remediating vulnerabilities at every phase of the software lifecycle is critical to a business’s overall security posture, as well as to our increasingly interlinked and global software supply chains. Mistakes by developers or low-quality code can lead to huge problems down the line, leaving businesses, their clients, and those in their supply chain vulnerable to exploitation by cyber criminals, with potentially devastating effects. Successful adoption of DevSecOps, embedding cyber security practices with high levels of automation, is therefore a focus for many businesses in 2023.
We were joined by world-class expert and SANS Fellow Frank Kim, who is co-author and instructor of SEC540: Cloud Security and DevSecOps Automation, as well as the CISO in residence at YL Ventures.
Key discussion points:
- Adoption: What does successful implementation of DevSecOps look like? What threats should you look out for?
- Automation: Implementing and testing security as part of the automated pipeline
- Monitoring your software supply chain to quickly remediate vulnerabilities
- Next steps - what can you do today?
Our panel
- James Lyne - Founder at Secure Impact
- Frank Kim - Fellow at SANS Institute & CISO in residence at YL Ventures
- Tom Fawcus Gibbs - VP of Technology at Secure Impact
- Giorgia Cacace (moderator) - General Manager at Secure Impact