During the past two decades, we have started shifting from waterfall project planning to a more agile organization of our software development practices. Utilizing Scrum, Kanban, and Lean practices, we are now better prepared for the unknown and can react faster to changing requirements, product plans, and team rotation. But it seems that the security requirements for the software we are producing are still living in the “Waterfall World”. They are usually verified as the last step of development, introducing further delays or simply leaving the deployed software with more and more vulnerabilities.
Having learned from how the Development and Operations teams joined forces under a common DevOps umbrella, security teams don’t want to be left behind. They see it as a chance to get more involved at each step of software development in an Agile fashion. Hence the DevSecOps approach, which closes the gap between the security teams and the rest of the engineering organization.
In my talk, I will show examples of how DevSecOps can lead to a faster feedback loop for security issues in the software you are developing. Furthermore, I will explain how to transform your Agile Software Development practices to leverage this new DevSecOps approach and thereby produce code with far fewer security vulnerabilities.
Jakub Sendor – Delivery Manager at j-labs
Kuba Sendor helps companies develop securely in the ever-changing threat landscape. Currently, he is a Delivery Manager at j-labs, where he is also responsible for an awesome team of engineers delivering world-class software to the enterprise market. Previously he managed the Corporate Security team at Yelp in the company headquarters in San Francisco, where he and his team were responsible for analyzing and responding to malware and phishing threats, in addition to any other unforeseen types of security incidents. Before that, he worked as a researcher in the Security and Trust group at SAP. There he participated in initiatives related to data access control and privacy policies, way before GDPR was a thing. In his free time, he cycles, runs, or reads conspiracy theory novels.
Event Partner: Cyber Forum