Organizational Change Through The Power Of Why - DevSecOps Enablement
Nazneen Rupawalla - 2 years ago
“Who owns your application” is the question that has always kept me on my toes but I see security rarely being thought of as a enabler & often an afterthought by delivery teams.
As I picked up the role of a security consultant, the following pain points are what I strove to understand across the teams:
Why does ownership and accountability of secure development falls onto security team
Why are account leads not completely aware of the security requirements and integration of these practices in development work
Why is security roadmap not being able to be integrated by leads
A year later, we have engineers who have learned the value of “why” in security and SDLC, as opposed to checking a box and a maturity model that helped leadership take informed decisions.
Via this talk, I would present the engagement model a product team can use to self-plan their security journey; a model that highlights the value of it which enhanced the engineering practice as a whole
Jobs with related skills
Fullstack TypeScript Developer (w/d/m)
Haufe Group
·
22 days ago
Freiburg im Breisgau, Germany
Hybrid
Building IoT Solution Engineer (f/m/div.)
sust.eco
·
yesterday
Berlin, Germany
Hybrid
Solution Architect (x|f|m) - Hybrid
Sartorius
·
yesterday
Municipality of Madrid, Spain
Hybrid
Releasemanager (m/w/d)
AOK Systems GmbH
·
2 days ago
Frankfurt am Main, Germany
+1
Hybrid
Related Videos