OWASP Toronto - November 2018 Event: DevSecOps Community Survey Working Session

Sonatype DevSecOps Community Survey - Working Session

DevOps is Security’s New Front Line

As we embrace movements like CI, CD and Devops to cut down on release cycles - and innovate faster, we as developers must also embrace the reality that the risk landscape is too complex to leave “security” to just those with security in their title. Traditional methods do not cut it anymore – it’s time for DevSecOps.

In a recent 2018 DevSecOps Community report, where 2,076 IT professionals were surveyed, 48% of respondents admitted that developers know application security is important, but they don’t have the time to spend on it. Done properly, DevSecOps practices shouldn’t interrupt the DevOps pipeline - but instead aid it - preventing costly rebuilds and build breaks, down the road.

Attendees of this session will walk away with:

• Real-world examples of how large and small companies are implementing DevSecOps practices in their own delivery pipelines, and increasing developer awareness to risks
• Key insights from 2,076 of their peers who participated in the 2018 DevSecOps community report - including where most mature DevOps practices are focusing their security efforts
• A walkthrough of how security principles have been embedded in a CICD pipeline and what standards for implementation are beginning to follow suit.

INSTRUCTIONS TO GET TO SECURITY COMPASS OFFICE:

From 5pm-6:30PM, the front door will be open. When you reach 390 Queens Quay West, you'll see a big Security Compass sign. The stairs to the 2nd floor are right under the sign.

After 6:30PM, you will need to go through the back door, straight past the concierge to the parking garage elevators and to P2. Security Compass is right at the elevator exit. Please press the doorbell when you arrive and someone will let you in.