Chapter 1: Is DevSecOps Dead? | Introduction to DevSecOps

  1. Register Now

About This Series

The buzz around "DevSecOps" has persisted far longer than most tech trends, yet more than a decade since its introduction, many organizations still face significant hurdles in adopting it effectively. Engineering and security teams continue to struggle not only to reduce software risks but also to ease the persistent friction between development and security. And in many cases, these challenges have worsened. So why has progress been so difficult?

Welcome to the DevSecOps masterclass, where we will provide Application Security and Developer leaders & practitioners with the knowledge and tools to build and manage a successful DevSecOps program using the six pillars of Snyk's newly released DevSecOps Maturity Framework as our guide. Participants will learn how to build a strong foundation, work more seamlessly with both developers and security, and put an emphasis on Developer Security, the DevSec in DevSecOps.

You Could Win...

WIN A $250 Amazon Gift Card

WIN A $250 Amazon Gift Card

Giving away 5x!

Must be in live attendance to qualify. Duplicate or fraudulent entries will be disqualified automatically.

Virtual Event Sessions

  1. Chapter 1: Is DevSecOps Dead? | Introduction to DevSecOps

    In this intro chapter, we'll kick off by exploring the fundamental principles of a successful DevSecOps program. You'll get an overview of Snyk's 6-pillar maturity framework, providing a comprehensive framework for understanding and implementing DevSecOps best practices. We'll examine key elements of a strong DevOps foundation, including aligned goals, shared responsibility, cross-functional collaboration, CI/CD automation, a blameless culture, and the importance of measuring and capturing key metrics.

    Join us to gain a foundational understanding of DevSecOps and lay the groundwork for building a secure and efficient software delivery pipeline.

    Learn More
    1. Brian Vermeer Brian Vermeer Staff Developer Advocate, Snyk
  2. Chapter 2: People, Process, and Secure Code

    A successful DevSecOps program requires a strong foundation built on strategy, culture, and secure design. This webinar will delve into the critical elements of these pillars, exploring how to create a shared vision, foster a security-conscious culture, and embed security into your development processes from the outset.

    We'll discuss the importance of a documented security strategy, defining ownership and accountability, and creating a learning culture. Additionally, we'll explore the concept of secure design, risk tolerance, asset inventory, and the benefits of simplifying technology stacks. Join us to learn how to establish a solid foundation for your DevSecOps journey and build a more secure and resilient organization.

    Learn More
    1. Vandana Verma Sehgal Vandana Verma Sehgal Staff Developer Advocate, Snyk
  3. Chapter 3: Automating Security in Every Stage

    This chapter will dive into the critical role of testing and monitoring within your DevSecOps pipeline. We'll explore how to integrate security testing seamlessly into your development workflows, empowering your teams to identify and mitigate vulnerabilities early and efficiently.

    1. Brian Vermeer Brian Vermeer Staff Developer Advocate, Snyk
  4. Chapter 4: Don't Panic (And Other Incident Response Recs)

    Once vulnerabilities are identified, timely and effective response and remediation are crucial. This chapter will cover strategies for managing, prioritizing, and resolving security issues. We'll explore how to establish efficient incident response processes, leverage runbooks and playbooks, and prioritize vulnerabilities based on risk and impact. Discover techniques for automating remediation tasks, fostering a security-conscious culture, and the importance of regular software updates.

    1. Sonya Moisset Sonya Moisset Staff Developer Advocate, Snyk
  5. Chapter 5: Security Vital Signs: Collecting Critical Analytics

    This chapter will discuss how to collect, analyze, and interpret key security metrics, define and track meaningful KPIs and SLOs, and leverage data to inform your security strategy. Additionally, we'll explore the importance of sharing and communicating metrics to foster transparency, build trust, and reinforce a security-conscious culture. Join us to learn how to determine the health of your security program to optimize your DevSecOps practices and achieve your security goals.

    1. Sonya Moisset Sonya Moisset Staff Developer Advocate, Snyk