DevSecOps isn’t meant for just Gods and Unicorns, it is for mere mortals as well. One of the challenges we have in using Application Security practices is where to start, how to get value, i.e., be successful with initial efforts, and how to build on that success. The world is being driven more and more by network-connected applications and services that are constantly under attack from the curious and malicious. By simply adding steps to your pipeline, you can iteratively add AppSec practices to your process and dramatically increase the security of your software. Join Tom as he lays out...
Tom Stiehm
Tom Stiehm has been developing applications and managing software development teams for over twenty years. As CTO of Coveros, he is responsible for the oversight of all technical projects and integrating new technologies and testing practices into software development projects. Recently, Tom has been focusing on how to incorporate DevSecOps and agile best practices into projects and how to achieve a balance between team productivity and cost while mitigating project risks. One of the best risk mitigation techniques Tom has found is leveraging DevSecOps and agile testing practices into all aspects of projects. Previously, as a managing architect at Digital Focus, Thomas was involved in agile development and found that agile is the only methodology that makes the business reality of constant change central to the process.