This conference talk from the OWASP Foundation examines the disconnect between DevSecOps hype and reality, revealing how reported security issues remain unresolved, SLAs are neglected, and security champions are underutilized. Explore the fundamental flaws in current DevSecOps maturity models and discover why they fail to drive meaningful security improvements. Learn about the necessary cultural shifts to establish a security-first mindset across organizations and how to properly empower security champions with substantive responsibilities. Understand how integrating advanced technologies for automated and proactive security measures can transform theoretical DevSecOps promises into practical frameworks that effectively address vulnerabilities. Gain actionable strategies for bridging the gap between DevSecOps theory and implementation in this 40-minute presentation delivered by Eitan Worcel and Dustin Lehr.
The Broken State of DevSecOps and Its Maturity Model
Overview
Syllabus
The Broken State of DevSecOps and Its Maturity Model - Eitan Worcel, Dustin Lehr
Taught by
OWASP Foundation
Related Courses
-
DevSecOps Fundamentals
-
OWASP DSOMM Project - Introduction to DevSecOps Maturity Model
-
Building Security In - DevSecOps Approach for Agile Development
-
Automated DevSecOps Maturity Assessment
-
Fortifying DevOps: Unveiling Security Activities and Maturity Models for Resilient Software Development
-
DevSecOps Roundup - An Overview of the Current State
