Company: Flo Health App
Leo is a Certified Data Privacy Solutions Engineer with over 10 years’ experience in risk management and security within finance, e-commerce, and FinTech.
Leo has been a keynote speaker at GDPR Scotland & Scot-Secure. He won the 2019 Scottish FinTech Award for ‘Best Information Security’ beating one of the biggest banks in the world to the prize.
What Is Devsecops? Key Steps to Do It Well
DevOps isn’t just about development and operations. If you want to take full advantage of the agility and responsiveness of a DevOps approach, IT security must also play an integrated role in the full lifecycle of your product.
Why? In the past, the role of security was isolated to a specific team in the final stage of development. That wasn’t a problem when development cycles lasted months or even years, but those days are long over. Effective DevOps ensures rapid and frequent development cycles (sometimes weeks or days), and outdated security practices can undo even the most efficient DevOps initiatives.
DevSecOps highlights the need to invite security teams to build in information security and set a plan for security automation at the very outset of DevOps initiatives. It also underscores the need to help developers code with security in mind, a process that involves security teams sharing visibility, feedback, and insights on known threats.
We will discuss our journey towards DevSecOps and what you can learn from this.