Skip to main content

You are here

DevSecOps vs. DevOps

DevSecOps vs. DevOps

Monday, October 21, 2019 - 4:15pm to 5:15pm
Themes Theatre
Cyber Security
Cloud, Agile, DevOps, IT Modernization

Organizations are continuing to become more complex from a technological perspective as digital transformation activities change the very nature of the work being performed. As organizations implement technological capabilities to stay competitive, interact with their customers, and increase efficiency greater technological complexity is introduced. This increase in complexity can lead to significant organizational risk if cybersecurity is not able to manage the complexity properly defending, monitoring, and responding to threats. DevSecOps is an approach where developers are provided the tools, techniques, training, and guidance to develop code in a secure fashion as part of the delivery pipeline. This session will discuss these concepts giving the audience members a better understanding of secure software development and how to best integrate cybersecurity principles into the pipeline.

Learning Objectives:

  • Discover how cybersecurity requirements can be crafted as functional mission requirements in support of the development of secure code. 
  • Learn about the guidance and training needed to build a development team that has the skills and information necessary to develop secure code. 
  • Learn how to integrate cybersecurity tools into the development pipeline empowering developers to test code for security requirements.

Josh Boyd – Chief Technologist, Booz Allen Hamilton

Dr. Simon Szykman – Managing Director and CTO for Federal Services, Attain, LLC

Dr. Thomas P. Scanlon – Senior Cybersecurity Engineer & Researcher, CERT Division, Software Engineering Institute, Carnegie Mellon University

Lawrence Hale – Director, IT Security Subcategory, General Services Administration

Simmons Lough – Software Architect, United States Patent and Trademark Office