Why most “How tos” on scaling DevSecOps fail and how do we fix it with Sandesh Anand

Published: 27 June 2023
on channel: DevSecCon

Should we buy or build? Should we start with DAST, SAST or do everything all at once? Do we really need security champions? If yes, how do we sell the idea to engineering leadership? How well is our AppSec program doing?

While there is some consensus on how to get started with AppSec, scaling AppSec comes with a unique set of challenges. A cursory Google search will give you many How-tos on the topic. While these articles are well-intentioned, they are either too generic (“shift-left”) or too specific to a particular use case.

George Box once said “All models are wrong, some are useful”. The goal of the talk is to provide a useful (without trying to be perfect) framework to help Security leaders scale their AppSec program. The presentation will also talk about how we scaled AppSec at Razorpay and how the framework can be applied elsewhere.

