Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig

September 30, 2018
Slides: https://www.slideshare.net/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig There are a lot of DevSecOps tools that are just DevOps lipstick on a slow security tool pig. Tools that don't give results for hours or sometimes days or lack the ability to integrate well with the development team's other tools and practices are a non-starter. What's needed to add security to DevOps are tools that must be able to do their job within a rapid-cycle CI/CD pipeline. This is disruptive to the entire security tool landscape. This talk lays out the security tool categories that have traditionally been used by development teams and describes the characteristics of ones that fit as ones that don't fit in a DevOps world. Further, the talk presents a novel approach to evaluating DevSecOps tools and the results of using this evaluation approach on a subset of the most popular tools currently in the market. Speakers: Larry Maccherone DevSecOps Transformation Lead, Comcast Filmed at SpringOne Platform 2018
Previous
Teaching TDD to Different Learning Styles
Teaching TDD to Different Learning Styles

Slides: https://www.slideshare.net/Pivotal/teaching-tdd-to-different-learning-styles Learning is not "one s...

Next Video
What We're Learning Adopting Spring Boot and PCF for Dell.com's eCommerce
What We're Learning Adopting Spring Boot and PCF for Dell.com's eCommerce

In this talk, Nandini and Malini will share some of the Do’s and Don’ts from their experiences working on t...

SpringOne Platform 2019

Learn More