Dueling Perspectives: When Development and Security Clash
Security is important for mitigating risk, building customer trust, and ensuring your company isn’t featured in the latest data breach headlines. DevSecOps is only part of the solution to the problem. Both security and development needs to buy into a culture of deep collaboration. Security teams must partner with development to add guidance for better workflows without throwing up roadblocks. Implementing this requires strong buy-in from stakeholders and an emphasis on engineering culture over technology. We’ll seek to explore when iteration speed improves security posture and when things like compliance “slowing down” development could also be beneficial to a feature release.
By attending this session, security engineers will learn the best ways to approach and collaborate with software and ops engineering teams. Conversely, software and ops engineers will learn how to maintain development velocity while simultaneously reducing security risk. Datadog Security Engineer Kendra Ash and Elise Shehram, VP of Engineering at Enervee will discuss the lessons they’ve learned from bringing security and engineering teams together.
Through examples we will discuss and highlight the tradeoffs between business flexibility, development velocity, and security posture. The key learnings will focus on the value of automation, collaboration, and streamlining processes for planned work.