DevSecOps, Compliance GRC, and the Future of Application Security - Francesco Cipollone - ASW #177
Security Weekly Podcast Network (Video) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
DevSecOps has been traditionally very people centric. It is hard to measure software security and the landscape is becoming increasingly more complex with container, cloud, and infrastructure. Driving an appsec program at scale is often an art that only few can master and the majority of organizations remain uncovered from an appsec perspective. Measuring DevSecOps and evolving risk-based vulnerability management is a must. Bringing along risk people and GRC has traditionally been challenging.
Segment Resources:
- AppSec Cali 19 Talk: https://www.youtube.com/watch?v=cegMUjo25Zc
- ADDO19: https://www.youtube.com/watch?v=x1p3exzkTIY
- Open Security Summit 20 - https://www.youtube.com/watch?v=8myMG36gq4o,
https://www.youtube.com/watch?v=mh_P1C1a-CM
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw177