Security automation! Automate Everything! That is the sound we always hear. That's what we voice every time on stage. But how far should we apply this? Should we automate every security check? And if you do this, will you then actually be secure?

Join us in this session, as we want to revisit the often recommended security automation steps for any dev-sec-ops driven organization and discuss our experience with them. Based on that you can see whether you want to run them never, once or always. Next to that, we discuss some cases that we only found through manual verification. We will end with a set of recommendations in terms of what manual actions you will need to move forward on your security journey!