AppSec USA 2016 has ended
Back To Schedule
Friday, October 14 • 2:35pm - 3:10pm
Moving to the Left: DevOps practices and the changing role of SecOps

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

As shown in the 2016 State of DevOps Survey, DevOps practices are changing the role of security teams, moving them “to the left” in the SDLC as part of the design phase and no longer simply validating production as being secure. Result: 50% less time remediating security issues.


The State of DevOps Survey has been running for the last 5 years, and the past two in particular have shown that DevOps practices are moving beyond just “Dev” and “Ops” to involve security teams as well as other areas of the business. Various labels are being used to describe this world: SecDevOps, DevSecOps, RuggedDevOps, but the critical inflection point is that the combination of strong automation platforms, continuous delivery, infrastructure-as-code and version control are all enabling security teams to validate and secure apps and infrastructure at the design phase. This minimizes the amount of manual validation of production by security teams, enables faster remediation of security issues and ultimately results in more secure deployments, but only if security teams take this opportunity to revisit existing practices that have built up over time.


In this talk we’ll be covering the high level results of the 2016 State of DevOps Report, the changing role of security teams as well as some anonymized user stories illustrating both how to best take advantage of a growing DevOps practice within your organization and major missteps observed in the field.

avatar for Bill Weiss

Bill Weiss

Sr Manager of SysOps, Puppet
As a red-and-blue-team member turned sysadmin herder, Bill Weiss had an early introduction to automation in security, and he's spent the rest of his career trying to bring that idea to more places. He started out working in the .gov, moved to Chicago to spend several years at a financial... Read More →

Friday October 14, 2016 2:35pm - 3:10pm EDT
Room C