The Ugly Truth About Your DevSecOps Guidelines and Security Policies

A presentation at IDC IT Security Finland 2022 in in Helsinki, Finland by Bruno Amaro Almeida

Today everyone understands why cyber security is crucial to any business organization. Yet, most software engineering teams building products and services still struggle to improve their security posture.

Organisations, especially large enterprises, invest large sums in training, creating DevSecOps guidelines that follow industry best practices and applying security policies to the whole organization. However, are those actually applied practice? Are engineering teams adopting security practices?

In this talk, we are going to explore how organisations, especially their SW engineering teams, can truly assess and measure their security posture, making sure that organizational guidelines and policies actually make sense and are followed in practice.

Buzz and feedback

Here’s what was said about this presentation on Twitter.