Top 5 Challenges to Overcome on Your DevSecOps Journey
May 2023 • Webinar
Hasan Yasar, Joseph D. Yankel
In this webcast, Hasan Yasar and Joe Yankel discuss the top 5 challenges and barriers to implementing DevSecOps practices.
Software Engineering Institute
Historically, a lot of discussion in software security focused on the project level, emphasizing code scanning, penetration testing, reactive approaches for incident response, and so on. Today, the discussion has shifted to the program level to align with business objectives. In the ideal outcome of such a shift, software teams would act in alignment with business goals, organizational risk, and solution architecture and would understand that security practices are integral to business success. However, the shift from project- to program-level thinking brings lots of challenges. In this webcast, Hasan Yasar and Joe Yankel discuss the top 5 challenges and barriers to implementing DevSecOps practices and describe some solutions for overcoming them.
What attendees will learn:
- The DevSecOps ecosystem and how it aligns with business objectives
- The DevSecOps challenges and barriers
- How to overcome the top 5 challenges
- Practical solutions for your business needs
- How your system architecture drives your DevSecOps ecosystem
About the Speaker
Hasan Yasar is the Technical Director of the Continuous Deployment of Capability group in the SSD Division of the Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate, ...
Hasan Yasar is the Technical Director of the Continuous Deployment of Capability group in the SSD Division of the Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate, and assure transformation at the speed of relevance by leveraging DevSecOps, Agile, Lean AI/ML, and other emerging technologies to create a Smart Software Platform/Pipeline. Hasan has more than 25 years’ experience as a senior security engineer, software engineer, software architect, and manager in all phases of secure software development and information modeling processes. He specializes in secure software solutions design and development in the cybersecurity domain, including data-driven investigation and collaborative incident management; network security assessment; automated, large-scale malware triage/analysis; medical records management; accounting; simulation systems; and document management. He is also an adjunct faculty member in CMU Heinz College and the Institute of Software Research, where he currently teaches “Software and Security” and “DevOps: Engineering for Deployment and Operations.”
His current areas of professional interests focus on
- secure software development, including threat modeling, risk management framework, and software assurance models
- secure DevOps processes, methodologies, and implementation
- software development methodologies (Agile, SAFe, DevOps)
- cloud-based application development, AI system development, deployment, and operations
- software architecture, design, development, and management of large-scale enterprise systems