31 Days of Security Awareness in DevSecOps - DAY 30

In 2012, Joshua Corman and Gene Kim gave their now quite famous talk at RSA "Security is Dead, Long Live Rugged DevOps". For many, this has been credited as the start of the DevSecOps discussion.

Unfortunately, early on, some in Infosec misinterpreted this talk as a suggestion that security teams would go away. In reality, it was quite the opposite.

As security practitioners, to achieve the value that DevSecOps holds for improving our security practices, we have to accept that the old ways of doing things won't work. Yet here in 2020 we continue to add complexity and work to the pipeline rather than simplify it. The result is that our practices don't get adopted. We have to focus on reducing friction, ensure security != frustration, and work collaboratively to establish rapport and trust with our devs and our ops. We can and must do better.

