Integrating Security in DevOps
Software Engineering Institute
The term "software security" often evokes negative feelings among software developers because it is associated with additional programming effort, uncertainty, and road blocks to fast development and release. To secure software, developers must follow numerous guidelines that, while intended to satisfy some regulation or other, can be very restrictive and hard to understand. As a result, a lot of fear, uncertainty, and doubt can surround software security. In this podcast, Hasan Yasar discusses how the Secure DevOps movement attempts to combat the toxic environment surrounding software security by shifting the paradigm from following rules and guidelines to creatively determining solutions for tough security problems.
About the Speaker
Hasan Yasar is the Technical Director of the Continuous Deployment of Capability group in the SSD Division of the Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate, and assure transformation at the speed of relevance by leveraging DevSecOps, Agile, Lean AI/ML, and other emerging technologies to …Read more