INTERFACE Boise
Presented by Sonatype
As nimble organizations deliver new innovations, adversaries are also upping their game; something we’ve seen in recent high-profile and devastating cyber-attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain - and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same - automating security directly in the DevOps pipeline - then we’ll always be at the hackers’ mercy. This session will provide new research on the above and details on how to get started.
Key takeaways:
- Real-world examples of how large and small companies are implementing DevSecOps practices in their own delivery pipelines and increasing developer awareness of risks
- A walkthrough of how security principles have been automated into a CICD pipeline and what standards for implementation are beginning to follow suit
- Why DevSecOps is more than a buzzword and why it’s vital to protecting your software supply chain
- How automating the security of policies makes it harder to ignore