Variations in lubrication and incentive.
matt at contino.io
"It is not necessary to change. Survival is not mandatory."
W. Edwards Deming.
What are the kinds of things that you hear when someone tells you about the success of their devops practice?
What are the kinds of things that you hear when someone tells you about the success of their security practice?
(or my opinion)
How did the perception change enough to the point that we all know what devops is in some capacity?
Empathy and Understanding
DevOps and Security Shared Values
- Lower operational complexity makes things easier to reason about.
- Learning from the past makes us less likely to screw up in the future.
- Knowing when something is wrong is critical to fixing it.
Learning from past mistakes
Lowering communication costs
Adding security to your culture is an ongoing process
Communication is, as usual, a sharp tool that can be used for good or bad outcomes
Security must become part of the process to be successful.
There is much more to explore here.
- Security of your pipeline
- Security in your pipeline
- Secrets management
- Key rotation policies
- Security drills!
- Penetration tests and audits
- Account Audits!
- Update policies
Grease Fires in Devops and security
By Matt Urbanski