The love-hate relationship between DevOps and Security.
What it’s about
Provocative title for a necessary talk: how the DevOps revolution is introducing new security problems.
This talk covers:
- Common security mistakes in DevOps culture
- Insecure containers
- Secrets in environment variables
- Pipelines without security controls
- How to do DevSecOps right
Why it’s relevant
In 2015, DevOps was booming. Everyone wanted to deploy fast. Nobody thought about security.
This talk was a wake-up call: speed without security is a disaster waiting to happen.
Impact
One of the first talks in Spain about DevSecOps. Helped put the topic on the table in the development community.