DevOps - Transformation of Iron triangle to DevOps Triangle
DevOps has changed the traditional software development workflow and that has it's own effects. This definitely require people mindset change and changes in the traditional tools used so far. For new tools, capital investment required and to avoid that many companies are moving towards open source and inhouse tools. Security teams are still working in silos and have their own goals. This has put security on back seat in this entire flow and security always comes in the end of cycle. To overcome this challenge a new modified "step-by-step" approach is required.
Outline/structure of the Session
Following topics would be covered briefly during next 20 min
- Transformation of Iron triangle to DevOps Triangle
- Why we need it?
- Security team responsibility
- Traditional security control
- Step-by-Step approach
- Embedding security into DevOps process
- Plan for security from the first phase
- Engage developers, Ops and security team
- Embed security into automatic build process
Practitioners, Managers, SM, PO, QA