If My CI/CD Teams have Time for Security, So Does Yours

Software development is speeding up; Waterfall to Agile to Continuous Integration to Continuous Deployment. Do we still have time for security? Of course we do! But many development shops are unaware how to add security to their development process and will often use "security slows us down" as a reason to produce insecure code. This talk focuses on how to add security into a speedy development process while still remaining fast and responsive to customer requests.
 
2 favorite thumb_down thumb_up 0 comments visibility_off  Remove from Watchlist visibility  Add to Watchlist
 

Outline/structure of the Session

1. Is CI/CD hostile to security? 2. Where does security fit into our lifecycle? 2A. Fast 2B. Early 2C. Often 2D. Responsive 3. Architect for Security 3A. Centralize Security Components 3B. Automation 4. What does Security Testing Look Like?

Learning Outcome

No developer wants to be the one that checked in the code that allowed hackers to break in and steal sensitive data. Attendees of this talk will learn that there is a way to add security to an Agile environment without sacrificing speed & agility.

Target Audience

Developers, Testers, and Project Managers

schedule Submitted 3 years ago

Comments Subscribe to Comments

comment Comment on this Proposal

  • Liked Dan Neumann
    keyboard_arrow_down

    Dan Neumann / Susan DiFabio - Balloons, Rice, and Folded Paper - Secret Tools for Learning (and Teaching) Agile

    240 Mins
    Workshop
    Intermediate

    Experience agile in a fun, insightful, high energy, simulation where you will work in iterations to build products, test them, and apply feedback.  You will participate on a team and use a backlog, business values, sizing, and prioritization.  You’ll plan, execute, deliver, and reflect.  

    This session is a great way for you to experience working on a team in quick iterations and to see first hand how team members can gel quickly, combine skills, learn by doing, and achieve together.  If you have  been working on teams for a while, this simulation will help you see your current process in new ways and open up new opportunities for improvement.  

    Don’t worry, no technical skills are required - anybody can participate.  We have run this exercise with a number of different groups and the results are consistent - lots of energy, lots of insights that can be taken back to the real world, and lots of fun!

  • Liked Susan DiFabio
    keyboard_arrow_down

    Susan DiFabio / Dan Neumann - Agile Coach Activity Pack - Experience and Learn Through Four Simulations

    240 Mins
    Workshop
    Intermediate

    Attention coaches, Scrum Masters, and facilitators! This session is for YOU! Come get hands-on experience with a variety of games and activities that you can use to help people understand the power of Agile ways of working.

    When working with people who are new to Agile it is important to engage them in the experience. Talking about the wonders of collaboration and communication rarely changes anyone’s mind, but creating an environment where they can experience the value of rapid feedback, creative communication techniques, and collaborating as a team can help them see new opportunities for application in their day to day work.

    In this session you will not only get to experience these activities, you’ll come away with new skills in how to conduct them and debrief them as well.

  • Liked Dave Rooney
    keyboard_arrow_down

    Dave Rooney - Effective Software Delivery - Agility Without the Dogma

    60 Mins
    Workshop
    Beginner
    This session will explore what "effective" means when it comes to delivering software, regardless of the development method used. The audience will participate by sharing their own experiences and insights in order to examine the similarities and differences between business domains.
     
    The goal is to help you to identify what, in your particular context, will smooth out the rough road to a shipped product that meets the needs of the people who consume it, in an indefinitely sustainable manner.
     
  • Liked Matt Barcomb
    keyboard_arrow_down

    Matt Barcomb / Matt Barcomb / Rachel Howard - Talent Development 3.0

    45 Mins
    Talk
    Beginner

    Your company’s lean/agile transformation needs to include a major overhaul of your talent development practices. The landscape of finding, growing and retaining talented people has changed drastically over the last 10 years and lean practices and an agile mindset only accelerates that change so you need to be prepared?

     

    During this session, Rachel Howard and Matt Barcomb will guide you through new ways of finding good people that are better matches for your organization, professionally and culturally as well as more effective ways to grow talent in-house and creative retention methods that better match the needs of the new generation of technologists.

     

    Anyone who has traditional “HR responsibility” or is involved with traditional recruiting, hiring, compensating or training will leave this session with fresh ideas and pragmatic practices they can put to use quickly.

  • Liked DJ Daugherty
    keyboard_arrow_down

    DJ Daugherty - A Managers Guide to Gaining an Appreciation for the Engineering Practices

    90 Mins
    Talk
    Beginner

    Development engineering practices are many times misunderstood or completely ignored by the business.  The business wants valuable features, faster and with few defects.  I believe when the business and development understand each others practices... each party can delivery more business value... cheaper, faster, simpler.  This presentation will be a fun journey allowing developers and business-types alike to come to a common understanding of why understanding each other is important.