In a world where speed is king and “merge, build, deploy” feels like second nature, are we pausing long enough to ask what we’re actually pushing? This session challenges the DevOps mantra of velocity by digging into a deceptively simple question: Is that push secure—or just fast?

Using GitHub Advanced Security as our investigative toolkit, we’ll walk through how automated code scanning, secret detection, and dependency review can become your CI/CD team’s silent sentinels using a project I worked on for a client. From detecting that rogue API key to catching transitive CVEs hiding in your most trusted libraries, you’ll learn how to bake security into every commit—without slowing down your team.

Whether you’re a release engineer, SRE, or a developer with a GitHub tab open 24/7, this talk will reframe how you view “done.” Let’s move beyond shipping fast—let’s ship fast and safe.