In order to maintain a consistent security posture, it’s vital to get some of the security tenets into the development and operation lifecycle. To that end, DevSecOps is the current buzzword in most cloud-oriented organizations and cloud service providers who offer SAAS/PAAS/IAAS. In general, DevSecOps brings in adequate security gating at every step of the way. However, it lacks a mechanism to continuously measure the security posture.
In this presentation, we will look at how best to capture various quantitative and qualitative metrics that can be derived to measure the security posture. We will dive into some of the touch points at DevSecOps and also a framework for collecting security as well as privacy metrics effectively and continuously.
Understand some of the best practices for effective DevSecOps
Understand various metrics that are in play and can be effectively used for monitoring the performance of the DevSecOps program.