DevSecOps at scale – what have we learned from securing over 1000 systems in a global organization
DevSecOps buzz word is known to security professionals from some time already. Concept of “Pushing security left” or integrating security tools into CI/CD pipelines is something that most of development teams are well-aware of.
But what if we are talking about hundreds of systems managed by tens of teams? Is that approach viable anymore? How can we industrialize approach to system security? What challenges are we going to face?
During this presentation we will share some success stories, challenges and ideas we learned while securing hundreds of systems at Philip Morris International. If you would like to understand the concept of “Secure defaults”, get familiar with SAP security or understand common challenges with SAST/DAST tools and offensive security this presentation is right for you.
Website: [ Ссылка ]
Facebook: [ Ссылка ]
Twitter: [ Ссылка ]
