DevSecOps is an inclusive term yet most security teams argue they remain left out of the effort to automate deployment processes. While DevOps teams and their tools are progressing along the automation curve, security teams are left to manual hand-offs from DevOps. As a result, DevOps and security teams struggle to collaborate as their organizations modernize and adopt cloud-native technologies.

Using the resources we already possess, is it possible for cybersecurity to gather speed and collaborate with DevOps? In this session, I will cover the current automation challenges faced by cybersecurity, namely a lack in collaborative when it comes to automation with DevOps. I will show how security tools can be used in DevSecOps pipelines to automate routine security tasks including: adding infrastructure-as-code security scanning before deploying Kubernetes clusters, scanning Kubernetes deployed on cloud infrastructure against the CIS K8s benchmark , and even performing remediation with Kubernetes in real-world DevSecvOps pipelines.

Cybersecurity is a growing field but the gap between DevOps and cybersecurity is widening. The faster we make DevSecOps a reality, the quicker we can enable cybersecurity teams to truly contribute in a collaborative approach with DevOps with cloud-native technologies.

Session overview:

- What is DevSecOps?
- How Cybersecurity and DevOps collaborate
- Security challenges today for enterprises in a cloud-native world
- How to automate common cloud native security use cases in DevSecOps
- Demo real-world Cloud-Native DevSecOps pipelines and Q+A