search menu icon-carat-right cmu-wordmark


This session was presented by Tracy Bannon of MITRE at DevSecOps Days Pittsburgh, held virtually April 27, 2022.

Software Engineering Institute




CyberSecurity has traditionally been regarded as a function of a distinct security group. In reality, security and cyber resilient software is the responsibility of everyone in the organization. There is a well intended call to "shift security left" but no one knows how! Instead, organizations are depending on developers to become cyber-savvy on their own. Attendees will learn about why to *not* shift left, how to build a new security culture, and tips, tricks, and tools for moving away from security hobbyists to having experienced pros.

Tracy (Trac) Bannon is a Senior Principal in MITRE Corporation’s Advanced Software Innovation Center. She is an accomplished software architect, engineer, and DevSecOps advisor having worked across commercial and government clients.

She is a passionate architect and her specialty emphasizes cloud native, decoupled architectures, DataOps/xOps, and DevSecOps. Understanding complex problems and working to deliver mission/business value at the speed of relevance is job one!

Trac walks the walk and talks the talk. She’s just as passionate about mentoring and training as she is about architecting sustainable ecosystems! She enjoys community and knowledge building with her teams, her clients, and the next generation of technologists by guest lecturing at universities, leading working groups, and sharing experience stories.

Trac is a featured speaker and panel moderator at industry events holding certifications from Microsoft, AWS, DevOps Institute, PMI, Scrum Alliances, and the Software Engineering Institute (SEI).

Download the graphic recording.