You Build It, You Secure It: Introduction to DevSecOps

Early on in the "cloud," Werner Vogels made his famous quote "You Build It, You Run It".

With DevOps we learned that this became a mantra for shared responsibility between developers and operations. Operations learned how to process infrastructure as code and participate early in the supply chain of a service's life cycle. Developers learned that they had responsibilities to enable and in some cases operationalize their service.

Now there is a new movement to include and collaborate in a similar way with Security. This is all part of an "everything" shift left ideal. Developers and operations are taught the importance of including security in the stories and all parts of the delivery pipeline including security gates as well as code test gates.

Listen in on this session featuring DevSecOps expert, John Willis, as he goes through an introduction to DevSecOps. We discuss:

• Why traditional DevOps has shifted and what this shift means
• How DevSecOps can change the game for your team
• Tips and tricks for getting DevSecOps started within your organization

About the Speaker:

John Willis is VP of DevOps and Digital Practices at SJ Technologies. Prior to SJ Technologies he was the Director of Ecosystem Development for Docker, which he joined after the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired by Docker in March 2015. Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is co-author of the “DevOps Handbook” and the upcoming Beyond the Phoenix Project.