In March 2017, hackers took three days to identify and exploit a new vulnerability in Equifax’s web applications. In the post-Equifax world, moving new business requirements (e.g., a non-vulnerable version of Struts2) into production in under three days might just be your new normal. Join this session to better understand how DevSecOps teams are applying lessons from W. Edwards Deming (circa 1982), Malcolm Goldrath (circa 1984) and Gene Kim (circa 2013) to improve their ability to respond to new business requirements and cyber risks.
Learning Outcomes:
- What our analysis of 17,000 applications reveals about the quality and security of software built with open source components
- How organisations like PayPal, Intuit, Fannie Mae and the Department of Defense are utilising the DevOps principles of software supply chain automation
- Why avoiding open source components and containers over 3 years old might be a really good idea
- How to balance the need for speed with quality and security early in the development lifecycle
- Leverage these insights to understand how your organisation's application of DevOpsSec practices compares to others