SlideShare a Scribd company logo

Why happier developers create more secure code

D
DJ Schleen

If you missed Derek Weeks and my keynote this morning, here are the slides from our talk at All Day DevOps Spring Edition

Software
1 of 34
Download to read offline
APRIL 17, 2020 Why Happy Developers Create More Secure Code DJ Schleen | DevSecOps Advocate, Sonatype Derek E. Weeks | Co-founder, All Day DevOps
In God we trust, all others bring bata.” - W. Edwards Deming “
2020 2019 2018 2016 2017 2015 2014 Our 1st survey 1st DORA Report Heartbleed vuln. Equifax breach. 88% of those with mature DevOps practices are investing in application security training. 7th annual survey 48% of developers don't have enough time to spend on security
The top 10 countries represented were: ● United States ● United Kingdom ● India ● Canada ● Australia ● Spain ● Netherlands ● Germany ● Singapore ● Israel 5,045 people shared their views for this survey.
Where Do You Come From?
What Is Your Quest?
vs.
vs. @weekstweets @djschleen
Source: Gallup Note: 2019 results are for January through June 2000 2002 2004 2008 2010 2012 2014 2016 20182006 U.S. Employee Engagement Trend Annual averages 0 10 20 30 40 50 % Engaged % Actively Disengaged 26 30 28 26 30 28 30 32 33 34 18 16 17 15 20 18 18 17 14 13 53% were“not engaged”
Coming together is a beginning. Keeping together is progress. Working together is success” - Henry Ford “
Westrum’sThree Cultures Model
Who cause the most friction on your team? @weekstweets @djschleen 10% of Happy Developers say “Nothing” 80% dissatisfied with management are disengaged.
Friction is a force that slows things down
Job satisfaction is higher in mature DevOps practices 1.6x less likely to recommend employer 1.5x happieremployees 1.3x more likely to get work done
How are you informed of application security issues? Happy developers are informed 1.3x more by tooling and 3.8x less by rumor
The only person who is educated is the one who has learned how to learn and change.” - Carl Rogers “
What application security training is available to you?
Take one person per team. Invite everyone. Provide curated training by technology. Have one meeting per month. Instant Security Champion Program
Gallup discovered the top 25 best managed and engaged teams had 50% fewer accidents 41% fewer quality defects
Developers who receive training on how to code securely are 5x more likely to enjoy their work.
How frequently do you deploy to production? 55% deploy at least once per week
Over the past decade the average time to exploit dropped from 45 days to 3 days
The software supply chain and vulnerable component usage remains a massive problem
Open source component related breaches continue to drop but still occur way too often.
Mature DevOps practices are more aware of breaches than immature practices.
if a developer ever has a choice between working on a feature or developer productivity, they should always choose developer productivity.” - Gene Kim, The Unicorn Project “
What security tools do you use?
Integrationof securitytooling is hard Are your tools properly integrated?
Open SourceContributions arewelcome!
Derek Weeks @weekstweets DJ Schleen @djschleen Thank You!
Why happier developers create more secure code

Recommended

DEX before day one - your intranet's missed opportunity
DEX before day one - your intranet's missed opportunityDEX before day one - your intranet's missed opportunity
DEX before day one - your intranet's missed opportunityNigel Williams
 
Taking Open Source Security to the Next Level
Taking Open Source Security to the Next LevelTaking Open Source Security to the Next Level
Taking Open Source Security to the Next LevelSBWebinars
 
The State of Open Source Vulnerabilities Management
The State of Open Source Vulnerabilities ManagementThe State of Open Source Vulnerabilities Management
The State of Open Source Vulnerabilities ManagementSBWebinars
 
What we learned from three years sciencing the crap out of devops
What we learned from three years sciencing the crap out of devopsWhat we learned from three years sciencing the crap out of devops
What we learned from three years sciencing the crap out of devopsNicole Forsgren
 
Sonatype's 2013 OSS Software Survey
Sonatype's 2013 OSS Software Survey Sonatype's 2013 OSS Software Survey
Sonatype's 2013 OSS Software SurveySonatype
 
Live 2014 Survey Results: Open Source Development and Application Security Su...
Live 2014 Survey Results: Open Source Development and Application Security Su...Live 2014 Survey Results: Open Source Development and Application Security Su...
Live 2014 Survey Results: Open Source Development and Application Security Su...Sonatype
 
What you need to know to hire top developers in 2018 by Devskiller
What you need to know to hire top developers in 2018 by DevskillerWhat you need to know to hire top developers in 2018 by Devskiller
What you need to know to hire top developers in 2018 by DevskillerDevskiller
 
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WayOps Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WaySeniorStoryteller
 

Recommended

DEX before day one - your intranet's missed opportunity
DEX before day one - your intranet's missed opportunityDEX before day one - your intranet's missed opportunity
DEX before day one - your intranet's missed opportunityNigel Williams
 
Taking Open Source Security to the Next Level
Taking Open Source Security to the Next LevelTaking Open Source Security to the Next Level
Taking Open Source Security to the Next LevelSBWebinars
 
The State of Open Source Vulnerabilities Management
The State of Open Source Vulnerabilities ManagementThe State of Open Source Vulnerabilities Management
The State of Open Source Vulnerabilities ManagementSBWebinars
 
What we learned from three years sciencing the crap out of devops
What we learned from three years sciencing the crap out of devopsWhat we learned from three years sciencing the crap out of devops
What we learned from three years sciencing the crap out of devopsNicole Forsgren
 
Sonatype's 2013 OSS Software Survey
Sonatype's 2013 OSS Software Survey Sonatype's 2013 OSS Software Survey
Sonatype's 2013 OSS Software SurveySonatype
 
Live 2014 Survey Results: Open Source Development and Application Security Su...
Live 2014 Survey Results: Open Source Development and Application Security Su...Live 2014 Survey Results: Open Source Development and Application Security Su...
Live 2014 Survey Results: Open Source Development and Application Security Su...Sonatype
 
What you need to know to hire top developers in 2018 by Devskiller
What you need to know to hire top developers in 2018 by DevskillerWhat you need to know to hire top developers in 2018 by Devskiller
What you need to know to hire top developers in 2018 by DevskillerDevskiller
 
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WayOps Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WaySeniorStoryteller
 
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101FINOS
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsSeniorStoryteller
 
The Rationale for Continuous Delivery
The Rationale for Continuous DeliveryThe Rationale for Continuous Delivery
The Rationale for Continuous DeliveryPerforce
 
DevOps not a Toolbox
DevOps not a ToolboxDevOps not a Toolbox
DevOps not a ToolboxDevOps Indonesia
 
Long-term IT projects
Long-term IT projectsLong-term IT projects
Long-term IT projectsPaweł Lewtak
 
Developer Skills Report
Developer Skills ReportDeveloper Skills Report
Developer Skills ReportFrancisco Santibañez
 
Adapt or Go extinct
Adapt or Go extinctAdapt or Go extinct
Adapt or Go extinctAngelo Simone Scotto
 
[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programs[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programsbugcrowd
 
Super Symposium - Art of the possible
Super Symposium - Art of the possibleSuper Symposium - Art of the possible
Super Symposium - Art of the possibleSteve Woodward
 
DevOps: Security's Big Opportunity
DevOps: Security's Big OpportunityDevOps: Security's Big Opportunity
DevOps: Security's Big OpportunityTimothy Jarrett
 
Breathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-drivenBreathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-drivenIlari Henrik Aegerter
 
Pragmatic Devops
Pragmatic DevopsPragmatic Devops
Pragmatic DevopsNic Cheneweth
 
Taylor workshop esa_2014
Taylor workshop esa_2014Taylor workshop esa_2014
Taylor workshop esa_2014questRCN
 
Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...Ken Power
 
Introduction to Eclipse Che
Introduction to Eclipse CheIntroduction to Eclipse Che
Introduction to Eclipse CheRed Hat Developers
 
Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015Ken Power
 
GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!Joel Cardella
 
Technical excellence - practices matter
Technical excellence - practices matterTechnical excellence - practices matter
Technical excellence - practices matterLeland Newsom CSP-SM, SPC5, SDP
 
Making Apps Work
Making Apps WorkMaking Apps Work
Making Apps WorkWilliam Thomson
 
Cat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project ManagementCat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project ManagementNeil Chue Hong
 
Philly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by ConstructionPhilly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by Constructionjxyz
 
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving SecurityDevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving SecurityFranklin Mosley
 

More Related Content

What's hot

OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101FINOS
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsSeniorStoryteller
 
The Rationale for Continuous Delivery
The Rationale for Continuous DeliveryThe Rationale for Continuous Delivery
The Rationale for Continuous DeliveryPerforce
 
Long-term IT projects
Long-term IT projectsLong-term IT projects
Long-term IT projectsPaweł Lewtak
 
[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programs[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programsbugcrowd
 
Super Symposium - Art of the possible
Super Symposium - Art of the possibleSuper Symposium - Art of the possible
Super Symposium - Art of the possibleSteve Woodward
 
DevOps: Security's Big Opportunity
DevOps: Security's Big OpportunityDevOps: Security's Big Opportunity
DevOps: Security's Big OpportunityTimothy Jarrett
 
Breathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-drivenBreathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-drivenIlari Henrik Aegerter
 
Taylor workshop esa_2014
Taylor workshop esa_2014Taylor workshop esa_2014
Taylor workshop esa_2014questRCN
 
Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...Ken Power
 
Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015Ken Power
 
GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!Joel Cardella
 
Cat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project ManagementCat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project ManagementNeil Chue Hong
 

What's hot (20)

OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
 
The Rationale for Continuous Delivery
The Rationale for Continuous DeliveryThe Rationale for Continuous Delivery
The Rationale for Continuous Delivery
 
DevOps not a Toolbox
DevOps not a ToolboxDevOps not a Toolbox
DevOps not a Toolbox
 
Long-term IT projects
Long-term IT projectsLong-term IT projects
Long-term IT projects
 
Developer Skills Report
Developer Skills ReportDeveloper Skills Report
Developer Skills Report
 
Adapt or Go extinct
Adapt or Go extinctAdapt or Go extinct
Adapt or Go extinct
 
[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programs[Webinar] The Art & Value of Bug Bounty Programs
[Webinar] The Art & Value of Bug Bounty Programs
 
Super Symposium - Art of the possible
Super Symposium - Art of the possibleSuper Symposium - Art of the possible
Super Symposium - Art of the possible
 
DevOps: Security's Big Opportunity
DevOps: Security's Big OpportunityDevOps: Security's Big Opportunity
DevOps: Security's Big Opportunity
 
Breathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-drivenBreathing the breath of the monster combining agile and context-driven
Breathing the breath of the monster combining agile and context-driven
 
Pragmatic Devops
Pragmatic DevopsPragmatic Devops
Pragmatic Devops
 
Taylor workshop esa_2014
Taylor workshop esa_2014Taylor workshop esa_2014
Taylor workshop esa_2014
 
Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...Detox your team: a low-conflict language for discussin and managing toxic beh...
Detox your team: a low-conflict language for discussin and managing toxic beh...
 
Introduction to Eclipse Che
Introduction to Eclipse CheIntroduction to Eclipse Che
Introduction to Eclipse Che
 
Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015Making Sense of Organization Impediments @ LKCE2015
Making Sense of Organization Impediments @ LKCE2015
 
GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!GrrCON 2018: Stop boiling the ocean!
GrrCON 2018: Stop boiling the ocean!
 
Technical excellence - practices matter
Technical excellence - practices matterTechnical excellence - practices matter
Technical excellence - practices matter
 
Making Apps Work
Making Apps WorkMaking Apps Work
Making Apps Work
 
Cat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project ManagementCat Herding and Community Gardens: Practical e-Science Project Management
Cat Herding and Community Gardens: Practical e-Science Project Management
 

Similar to Why happier developers create more secure code

Philly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by ConstructionPhilly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by Constructionjxyz
 
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving SecurityDevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving SecurityFranklin Mosley
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
 
LA 1/18/18 Become A Web Developer: A Thinkful Info Session
LA 1/18/18 Become A Web Developer: A Thinkful Info SessionLA 1/18/18 Become A Web Developer: A Thinkful Info Session
LA 1/18/18 Become A Web Developer: A Thinkful Info SessionThinkful
 
State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019Stefan Streichsbier
 
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...DevOps.com
 
State of on call report 2014
State of on call report 2014State of on call report 2014
State of on call report 2014Todd Vernon
 
State of DevSecOps - DevOpsDays Jakarta 2019
State of DevSecOps - DevOpsDays Jakarta 2019State of DevSecOps - DevOpsDays Jakarta 2019
State of DevSecOps - DevOpsDays Jakarta 2019Stefan Streichsbier
 
2019 IDG Role of the Developer Study
2019 IDG Role of the Developer Study2019 IDG Role of the Developer Study
2019 IDG Role of the Developer StudyIDG
 
2019 04-18 -DevSecOps-software supply chain
2019 04-18 -DevSecOps-software supply chain2019 04-18 -DevSecOps-software supply chain
2019 04-18 -DevSecOps-software supply chainCameron Townshend
 
Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Denim Group
 
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting LeftDevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting LeftDevSecCon
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxlior mazor
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
Software Security Assurance for Devops
Software Security Assurance for DevopsSoftware Security Assurance for Devops
Software Security Assurance for DevopsJerika Phelps
 
Girl Geek X Indeed Talks (January 18, 2018)
Girl Geek X Indeed Talks (January 18, 2018)Girl Geek X Indeed Talks (January 18, 2018)
Girl Geek X Indeed Talks (January 18, 2018)Angie Chang
 
AI, Productivity, Innovation, and Sustainability
AI, Productivity, Innovation, and SustainabilityAI, Productivity, Innovation, and Sustainability
AI, Productivity, Innovation, and SustainabilityRobin Teigland
 

Similar to Why happier developers create more secure code (20)

Philly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by ConstructionPhilly ETE 2016: Securing Software by Construction
Philly ETE 2016: Securing Software by Construction
 
DevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving SecurityDevSecOps: Minimizing Risk, Improving Security
DevSecOps: Minimizing Risk, Improving Security
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
 
LA 1/18/18 Become A Web Developer: A Thinkful Info Session
LA 1/18/18 Become A Web Developer: A Thinkful Info SessionLA 1/18/18 Become A Web Developer: A Thinkful Info Session
LA 1/18/18 Become A Web Developer: A Thinkful Info Session
 
State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019State of DevSecOps - DevSecOpsDays 2019
State of DevSecOps - DevSecOpsDays 2019
 
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...
5 Years of Jenkins and DevOps Trends and What That Means For the Future of t...
 
State of DevSecOps - GTACS 2019
State of DevSecOps - GTACS 2019State of DevSecOps - GTACS 2019
State of DevSecOps - GTACS 2019
 
State of on call report 2014
State of on call report 2014State of on call report 2014
State of on call report 2014
 
The State of DevSecOps
The State of DevSecOpsThe State of DevSecOps
The State of DevSecOps
 
State of DevSecOps - DevOpsDays Jakarta 2019
State of DevSecOps - DevOpsDays Jakarta 2019State of DevSecOps - DevOpsDays Jakarta 2019
State of DevSecOps - DevOpsDays Jakarta 2019
 
2019 IDG Role of the Developer Study
2019 IDG Role of the Developer Study2019 IDG Role of the Developer Study
2019 IDG Role of the Developer Study
 
2019 04-18 -DevSecOps-software supply chain
2019 04-18 -DevSecOps-software supply chain2019 04-18 -DevSecOps-software supply chain
2019 04-18 -DevSecOps-software supply chain
 
Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?
 
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting LeftDevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your Vulnerabilities
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Software Security Assurance for Devops
Software Security Assurance for DevopsSoftware Security Assurance for Devops
Software Security Assurance for Devops
 
Girl Geek X Indeed Talks (January 18, 2018)
Girl Geek X Indeed Talks (January 18, 2018)Girl Geek X Indeed Talks (January 18, 2018)
Girl Geek X Indeed Talks (January 18, 2018)
 
AI, Productivity, Innovation, and Sustainability
AI, Productivity, Innovation, and SustainabilityAI, Productivity, Innovation, and Sustainability
AI, Productivity, Innovation, and Sustainability
 

More from DJ Schleen

Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)DJ Schleen
 
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)DJ Schleen
 
Embracing DevSecOps: A Changing Security Landscape for the US Government
Embracing DevSecOps: A Changing Security Landscape for the US GovernmentEmbracing DevSecOps: A Changing Security Landscape for the US Government
Embracing DevSecOps: A Changing Security Landscape for the US GovernmentDJ Schleen
 
Blue is the new green
Blue is the new greenBlue is the new green
Blue is the new greenDJ Schleen
 
CVS Health Automating Security with DevSecOps
CVS Health Automating Security with DevSecOpsCVS Health Automating Security with DevSecOps
CVS Health Automating Security with DevSecOpsDJ Schleen
 
Don't Fear the Four Horsemen of the DevSecOpalypse
Don't Fear the Four Horsemen of the DevSecOpalypseDon't Fear the Four Horsemen of the DevSecOpalypse
Don't Fear the Four Horsemen of the DevSecOpalypseDJ Schleen
 

More from DJ Schleen (6)

Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
 
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)
 
Embracing DevSecOps: A Changing Security Landscape for the US Government
Embracing DevSecOps: A Changing Security Landscape for the US GovernmentEmbracing DevSecOps: A Changing Security Landscape for the US Government
Embracing DevSecOps: A Changing Security Landscape for the US Government
 
Blue is the new green
Blue is the new greenBlue is the new green
Blue is the new green
 
CVS Health Automating Security with DevSecOps
CVS Health Automating Security with DevSecOpsCVS Health Automating Security with DevSecOps
CVS Health Automating Security with DevSecOps
 
Don't Fear the Four Horsemen of the DevSecOpalypse
Don't Fear the Four Horsemen of the DevSecOpalypseDon't Fear the Four Horsemen of the DevSecOpalypse
Don't Fear the Four Horsemen of the DevSecOpalypse
 

Recently uploaded

WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 
WSO2CON2024 - Why Should You Consider Ballerina for Your Next Integration
WSO2CON2024 - Why Should You Consider Ballerina for Your Next IntegrationWSO2CON2024 - Why Should You Consider Ballerina for Your Next Integration
WSO2CON2024 - Why Should You Consider Ballerina for Your Next IntegrationWSO2
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in sowetomasabamasaba
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2
 
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2
 

Recently uploaded (20)

WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
WSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - KeynoteWSO2Con204 - Hard Rock Presentation - Keynote
WSO2Con204 - Hard Rock Presentation - Keynote
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
WSO2CON2024 - Why Should You Consider Ballerina for Your Next Integration
WSO2CON2024 - Why Should You Consider Ballerina for Your Next IntegrationWSO2CON2024 - Why Should You Consider Ballerina for Your Next Integration
WSO2CON2024 - Why Should You Consider Ballerina for Your Next Integration
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - Kanchana
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 

Why happier developers create more secure code