DevSecOps in the Cloud from the Lens of a Well-Architected Framework
April 2022 • Presentation
This session was presented by Turja Narayan Chaudhuri of EY GDS at DevSecOps Days Pittsburgh, held virtually April 27, 2022.
Software Engineering Institute
Many engineering teams view DevSecOps initiatives from the perspective of being more secure from external threats/vulnerabilities. As a result, they focus more on the security aspect, rather than the architectural / engineering aspect.
In this talk, I try to focus on DevSecOps from the architecture perspective. I try to link DevSecOps with the common pillars of a Cloud based well-architected framework, and discuss how DevSecOps goes a step further from security, and delves into architectural practices .
Security is always there at the core, but the practices and patterns enforced by DevSecOps can be adopted/extended on a much wider scale, if we also factor in the engineering excellence, or architectural best practices that can be infused into the system as a direct consequence/correlation of adopting DevSecOps.
The idea of this talk is for audience to be able to link Architecture Best practices with DevSecOps initiatives, instead of just security.
Implementing DevSecOps without architectural best practices in mind, might not fail, but will surely be regarded as a missed chance to significantly improve the engineering discipline across an enterprise.
Turja Narayan Chaudhuri is currently working as an Assistant Director for Cloud Platform in EY GDS. He has overall 10 years experience in IT, with 5+ years in Cloud technologies. Before EY, he worked as a Cloud Solution Architect in Accenture and PwC India. He has worked with multiple enterprises in assisting them in their journey to cloud, and also helped establish best practices for architecture and governance in cloud.