Executive Summary of Controlled Chaos: the Inevitable Marriage of DevOps & Security, presented by Kelly Shortridge & Dr. Nicole Forsgren at BlackHat USA 2019
- The way tech is done in organizations is radically shifting, as is the face of organizations themselves in the “software is eating the world” paradigm. Dev is king as driver of the business, and anyone standing in its way – including security – will be marginalized
- It is indeed possible for infosec to work hand in hand with dev, to embrace DevOps and shift with it rather than against it – because DevOps and security’s priorities are not truly that disparate with the rise of chaos and resilience engineering
- Security can plan for this future, adopting the D.I.E. model and chaos security engineering, and should be excited that defense will get a healthy dose of innovation for a change :)
- DevOps reflects the unification of responsibility and accountability; security likewise must go through a similar shift, in