This document discusses how DevOps practices can sometimes break traditional security and compliance practices, and proposes an approach called SecDevOps 2.0 to better integrate the two. It outlines how SecDevOps 2.0 would define policies, identities, and networks in a way that supports continuous delivery while maintaining security and compliance. Key elements include defining security policies in code, using machine identities at scale for access control, and implementing new tools like secrets as a service and software-defined firewalls. The overall goal is to make security controls more transparent and integrated with automation.