Andrew Clay Shafer musing about the evolution of devsecops. Where are we now? Where could things go? Building a global community of practice learning and sharing.
24. hidden available ambient
can’t find searchable cultivated
strong silos publish info share personally
everything is secret secret to company global community
Sharing
25. Lean Subsumes ALL the Things
ignore what a terrible metaphor manufacturing is for software
31. lol try do
security? after the fact first principles
theatrics tools built in
hide blame own
Security
32. devops
• developers and operations can
and should work together
• system administration evolving to
look more like software
development
• evolving together as global
community sharing solutions
Legacy me - in 2010
33. devsecops
• developers AND operations AND
security can and should work
together
• security is evolving to incorporate
more software development
• evolving together as global
community sharing solutions
me - in 2019
46. what they really want
• scalability
• availability
• reliability
• operability
• usability
• observability
• all for free
• without changing anything
66. what are the infosec analogs
for ‘observability’, ‘reliability’,
‘resiliance’ & ‘chaos’?
67. It ought to be remembered that there is nothing more difficult to take
in hand, more perilous to conduct, or more uncertain in its success,
than to take the lead in the introduction of a new order of things.
Because the innovator has for enemies all those who
have done well under the old conditions, and lukewarm
defenders in those who may do well under the new.
Niccolò Machiavelli, The Prince