DevSecOps, Compliance GRC, and the Future of Application Security - Francesco Cipollone - ASW #177
b'
DevSecOps has been traditionally very people centric. It is hard to measure software security and the landscape is becoming increasingly more complex with container, cloud, and infrastructure. Driving an appsec program at scale is often an art that only few can master and the majority of organizations remain uncovered from an appsec perspective. Measuring DevSecOps and evolving risk-based vulnerability management is a must. Bringing along risk people and GRC has traditionally been challenging.
\\xa0
Segment Resources:
- AppSec Cali 19 Talk: https://www.youtube.com/watch?v=cegMUjo25Zc
- ADDO19: https://www.youtube.com/watch?v=x1p3exzkTIY
- Open Security Summit 20 - https://www.youtube.com/watch?v=8myMG36gq4o,
https://www.youtube.com/watch?v=mh_P1C1a-CM
\\xa0
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw177
'