Hacking Security Episode 4: DevSecOps with Meera Rao
Hacking Security is a monthly podcast on emerging trends in application security. In Episode 4, your host, Steve Giguere, discusses DevSecOps with Meera Rao.
Hacking Security is a monthly podcast on emerging trends in application security development hosted by Steve Giguere, lead EMEA engineer at Synopsys.
DevSecOps
Episode 4 features Meera Rao, senior principal consultant and director of the secure development practice at Synopsys. She has over 20 years of experience in software development organizations in a variety of roles, including architect, lead developer, project manager, and security architect. Steve and Meera discuss Dev, DevOps, DevSec, and DevSecOps. Take 47 minutes to give it a listen!
Podcast: Play in new window | Download
Hacking Security resources
DevSecOps resources
- How to Navigate the Intersection of DevOps and Security
- Examining DevSecOps Realities and Opportunities–A 451 Research Report
- How to Integrate SAST Into DevSecOps With Coverity
Transcript
Welcome to the Hacking Security podcast. Hacking Security is a podcast for emerging trends in application security development. I am your host, Steve Giguere, and full disclosure: This podcast series is sponsored by the Synopsys Software Integrity Group.
DevSecOps with Meera Rao
And welcome once again to Hacking Security. In this particular episode—this’ll be our first interview episode, actually—we’ve got one of the industry-recognized gurus in DevSecOps. How did we get that Sec in there? How did the wonderful marriage, the happy couple that is Dev and Ops that we’ve been celebrating over the past few years with changes in culture, changes in agility, changes in velocity, the introduction of high-speed CI/CD pipelines… Lots of good things have come out of the DevOps movement. And now we’re trying to break that up. Are we? We’re trying to turn it into a threesome.
RELATED: What’s the difference between Agile, CI/CD, and DevOps?
DevSecOps is more than just a simple or automated integration of security into DevOps. And I think I didn’t quite understand the depth, the breadth, and the magnitude of what’s required when we’re talking about getting a DevSecOps culture in place. But thankfully, I’ve been lucky enough to have an expert. And that expert is Meera Rao.
In our conversation that’s coming up, Meera opened my eyes to what DevSecOps really was. Now I thought I know. But it wasn’t quite as enlightened as it is now. And I hope you find the interview equally enlightening, if not at least helping to solidify the direction you’re trying to go if you’re trying to create a DevSecOps culture in your development world.
More to come!
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Steve Giguere. Read the original post at: https://www.synopsys.com/blogs/software-security/devsecops-hacking-security-episode-4/
