Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig

September 30, 2018
Slides: https://www.slideshare.net/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig There are a lot of DevSecOps tools that are just DevOps lipstick on a slow security tool pig. Tools that don't give results for hours or sometimes days or lack the ability to integrate well with the development team's other tools and practices are a non-starter. What's needed to add security to DevOps are tools that must be able to do their job within a rapid-cycle CI/CD pipeline. This is disruptive to the entire security tool landscape. This talk lays out the security tool categories that have traditionally been used by development teams and describes the characteristics of ones that fit as ones that don't fit in a DevOps world. Further, the talk presents a novel approach to evaluating DevSecOps tools and the results of using this evaluation approach on a subset of the most popular tools currently in the market. Speakers: Larry Maccherone DevSecOps Transformation Lead, Comcast Filmed at SpringOne Platform 2018
Previous
Iterating for Success: A Case Study in Remote Paired Programming
Iterating for Success: A Case Study in Remote Paired Programming

Slides: https://www.slideshare.net/Pivotal/iterating-for-success-a-case-study-in-remote-paired-programming-...

Next Video
Implementing PII Encryption with PDX Serialization
Implementing PII Encryption with PDX Serialization

After many publicized security breaches, many firms are scrambling to add encryption for Personally Identif...

Enter curious. Exit smarter.

Learn More