Title | : | Managing Developer Velocity and System Security with DevSecOps |
Duration | : | 32:55 |
Viewed | : | 1,824 |
Published | : | 07-12-2022 |
Source | : | Youtube |
In aiming for correctness and security of product, as well as for development speed, software development teams often face tension in their objectives. During a recent customer engagement that involved the development of a continuous-integration (CI) pipeline, developers wanted to develop features and deploy to production, deferring non-critical bugs as technical debt, whereas cyber engineers wanted compliant software by having the pipeline fail on any security requirement that was not met. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Alejandro Gomez, a researcher in the SEI’s CERT Division who worked on the customer project, talked with principal researcher Suzanne Miller about how the team explored—and eventually resolved—the two competing forces of developer velocity and cybersecurity enforcement by implementing DevSecOps practices. #DevSecOps, #technicaldebt, #software, #development The SEI Podcast Series is available sei.cmu.edu/podcasts and on the following channels: Apple Podcasts: https://podcasts.apple.com/us/podcast/software-engineering-institute-sei-podcast-series/id566573552?mt=2 Google Podcasts: https://podcasts.google.com/?feed=aHR0cHM6Ly93d3cuc2VpLmNtdS5lZHUvcG9kY2FzdHMvZmlsZXNfcG9kY2FzdHMvaXR1bmVzRmVlZC54bWw%3D&nord=0 TuneIn: https://tunein.com/podcasts/Technology-Podcasts/SEI-Podcasts-p1217908/ SoundCloud: https://soundcloud.com/cmu-sei-podcasts Stitcher: https://www.stitcher.com/podcast/software-engineering-institute-sei-podcast-series Spotify: https://open.spotify.com/show/1CAKTiVZUTC3BlNOrTc4Zw
Life of a DevSecOps Engineer (w/ Aras "Russ" Me... 06:45 - 46,896 |
AZ-900 Azure Fundamentals Exam Cram (2024 Editi... 30:52 - 89,612 |
Excel & Power BI Data Analysis Complete Class i... 44:08 - 598,054 |
The Future of Software Engineering and Acquisit... 32:10 - 3,534 |
What is a vector database? Why are they critica... 43:31 - 11,802 |
Perplexity CTO Denis Yarats on AI-powered search 35:15 - 3,252 |
Cybersecurity Architecture: Networks 27:31 - 84,111 |
DevSecOps on Azure 10:08 - 7,750 |