Software Engineering Institute

Being compliant to regulatory requirements, standards and policies are an important goal for any product and in turn determines the success of the business. The compliance effort involved in this, is not a one-time task but an on-going process. How is this continuous compliance accomplished in the fast-paced world of DevOps? How are the teams prepared to get the best out of the DevOps programs in order to achieve the compliance goals?

This session attempts to share a practitioner’s perspective of applying continuous compliance in DevOps programs. You will get to experience the implementation methods including an example from a real-time project involving tools and techniques, and ways to overcome the barriers in the process by organizing the security tasks and establishing accountability.

Learning Objectives:

• How Security fits in the DevOps Pipeline?
• How to implement the continuous compliance in DevOps Programs?
• The role of Security Champions in the continuous compliance journey

This presentation by Arun Prabhakar of Security Compass was given virtually at DevSecOps Days Los Angeles 2021 on September 15, 2021. Arun is a Senior Consultant in the DevSecOps practice at Security Compass. He has distinctive and resourceful experience in Secure System Development Life Cycle activities including secure design, threat modeling, vulnerability management and solutioning across different domains and platforms. He has a keen interest in transformative technologies like Machine Learning, Blockchain and Internet of Things. Arun is a Certified practitioner and has experience working as a Product Security Architect for product and consulting firms. His present area of research is on Security Data Science and loves to write about emerging trends in Information Security.

View a graphic recording of the presentation or watch the video on YouTube.