Slides: https://static.sched.com/hosted_files...

As technology teams continue to accelerate and evolve, so do the quantity and sophistication of security threats. It's easy to emphasize the importance of security and suggest that teams need to prioritize it, but doing so becomes an extensive change management exercise. How can we rise to the challenge without slowing our software delivery velocity?

Our own lived experience combined with a multi-year research program led by the DevOps Research and Assessment (DORA) team can be used to help you and your team move beyond implementation of specific tools to a people-centric approach to organizational transformation.

This talk will dive into some findings of the DORA research and recommendations including:

• How to measure software delivery and operations performance.
• A secure software development lifecycle is both essential and drives organizational performance.
• The essential elements necessary to transform a product security program.
• Healthier, collaborative cultures have a head start on implementing a mature security program.

Learn how top performers that met or exceeded their reliability targets were twice as likely to have security integrated into their software development process.

Spoiler alert! The best security teams focus on collaboration and getting better at getting better. You can do this, too!

Michele Chubirka
Google
Cloud Security Advocate

Michele Chubirka, AKA Mrs. Y., is a recovering Unix and network engineer currently working as a cloud security advocate for Google. Formerly the creator and official nerd stalker of the Healthy Paranoia Security Podcast, she has also been a freelance writer for various B2B publications such as Network Computing, Dark Reading and TechTarget. She likes long walks in hubsites, traveling to security conferences and spending time in the Bat Cave. Sincerely believes that every problem can be solved with a “for” loop. When not blogging or podcasting, can be found using up her 15 minutes in the Twittersphere as @MrsYisWhy

Nathen Harvey
DORA & Google Cloud
DORA Lead and Developer Advocate

Nathen Harvey has built a career on helping teams realize their potential while aligning technology to business outcomes. Nathen has had the privilege of working with some of the best teams and open source communities, helping them apply the principles and practices of DevOps and SRE. He leads Google Cloud DORA team and has co-authored multiple DORA reports. Nathen was an editor for 97 Things Every Cloud Engineer Should Know, published by O’Reilly in 2020.

Managed by the OWASP® Foundation
https://owasp.org/