DevSecOps: Yesterday, Today and The Future

For more coverage of this live event go to https://thenewstack.io/ Prisma, from Palo Alto Networks, sponsored this podcast, following its Cloud Native Security Live, 2020 Virtual Summit held Feb. 11, 2020. The concept of DevSecOps is getting a lot of play these days — and for good reason. As organizations’ DevOps seek to boost their rates of deployments and updates at cadences unheard of just a few years ago, the risk of vulnerabilities can often increase at the same rate in theory. While it doesn’t have to be this way, of course, some organizations struggle with remediating vulnerabilities long after the software has been deployed, not only causing major potential headaches when breaches occur (think Equifax), but causing additional pain when developers must reconfigure code again, and in extreme cases, reinvent the wheel. The solution, of course, is for security teams to become vested in code development at the very beginning of the production cycle. This is what agile DevOps teams are supposed to do anyway, but many organizations have not implemented the necessary culture, tools, and processes to do this. After years of existing as a concept, DevSecOps formalizes the often missing security links in development processes today. In this edition of The New Stack Makers podcast, DevSecOps evolution and why it is so vital today were discussed. The guests were selected for there first-hand experience and experience with DevSecOps were: Rohit Gupta, global segment leader, security, for Amazon Web Services (AWS). Cindy Blake, security advocate, for GitLab. Shaan Mulchandani, AWS security practice, for Accenture. The New Stack Publisher Alex Williams hosted this episode.