Shifting the DevSecOps Culture, Taking away the sugar piece and giving the pile to ants : Defcon - AppSec Village 2019
Title: Shifting the DevSecOps Culture, Taking away the sugar piece and giving the pile to ants
We have been talking about the technical angle of DevSecOps. How do I go about building the DevSecOps culture in the organisation? So far Generally corporates are trying to have all three Plays and teams Dev, Sec and Ops team together. However, the Ideal DevSecOps idea is each individual should know what is happening in the whole process. If person or team has issues/concern, then anyone can stand-up and take the DevSecOps further. Instead of giving the sugar cube to the individuals give them the who Pile of sugar to the Ants (aka teams), incase something fails the other teams can balance the situation or stand up for each other.
This talk will portray Call to action from different teams. What should a Developer should do, what a security and Operations person should do? How to bring the teams to work together. Example – Earlier security teams used to sit in a room alone. Now security team sits with operations and Dev teams.