Date created: Aug 12, 2020
In the past few years, security integration within the DevOps pipeline has given rise to the idea of DevSecOps. Once seen as the bottleneck and inhibitor of the development and deployment process, security has become an integral part of the movement towards automation and the removal of manual oversight enforcement. As stated in the DevSecOps Manifesto, “We must adapt our ways to ensure data security and privacy issues are not left behind because we were too slow to change.”There are many practitioners in the field who are pushing forward with the idea of creating a secure application development pipeline, with security integrated from conception through deployment. During DevSecOps Days Denver, you will hear stories from those practitioners, explaining how they made the cultural transformation from legacy development and deployment processes to integrated systems that include security as a part of the process, not as an overseer or bottleneck to secure application development.This series of first person talks will give you a perspective on how you and your team can enable faster application development with more rapid deployment to production, while integrating security into your DevOps initiatives. Are you a Developer, DevOps Engineer, SecOps professional who is obsessed with shipping better quality more secure software faster? We are looking for the tactical and practical stories that you can share, so please consider this when submitting. Presentation RestrictionsWe have a strict “No vendor pitches” policy. We are looking for practitioners who can tell their story and help others see the path ahead. If you are a vendor, consultant or company who sells services or products, encourage your clients to tell their storyHow Submissions are EvaluatedWe are looking for practitioners to discuss the unique challenges of adopting security into the DevSecOps pipeline, the obstacles to security being a contributing and valued partner in DevOps and the ways to overcome them. Specific topics we are looking for include, but are not restricted to:How did you get senior management buy-in? What did you do? How did you quantify the business value?Examples of security teams being integrated into the CI/CD or DevOps processHow did you overcome objections inside the organization?How did you design and implement effective controls to mitigate security risks?Which business area (and application) did you start with, why, and what did you do?What were the top challenges, and how did you overcome them?What were your top mistakes, and what advice would you give as a result?Epic Failure DevSecOps stories are ++Submission GuidelinesSpeaking slots are 20 minutes.Attendees must be able to use the bulk of the presentation’s lessons without buying or using a particular tool or service (talk about the practice and solution, not about the tool or vendor)Each submission should end by communicating the core value in your message: how did you get security integrated into your DevOps initiative and what value did it provide to your project.
Date conference starts: Thu Oct 29, 2020
Date conference ends: Thu Oct 29, 2020
Date CFP opens: Aug 11, 2020
Date CFP closes: Sep 30, 2020