DevSecOps - Security at the Speed of DevOps
Security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve. What's needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach that reinforces the DevOps culture and process changes. This requires that security specialists become self-service toolsmiths and advisors and stop thinking of themselves as gatekeepers. Larry guides you through the characteristics of security tools compatible with DevOps, while focusing on the hardest part; THE PEOPLE. You'll be introduced to the DevSecOps manifesto and provided with a process model, based upon Agile transformation techniques, to accomplish the necessary mindset shift and achieve an effective DevSecOps culture. This model has been successfully used in a large DevSecOps transformation at Comcast and has gained recognition in DevSecOps circles as a leading framework.