Agile2019 has ended
Back To Schedule
Tuesday, August 6 • 10:45 - 12:00
Dev???Ops: The Missing Middle of Security (Elizabeth Ayer)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

If you thought it was difficult bringing the Ops and Dev teams to the same table, let’s talk about security! Often housed in a separate team, security experts have no incentive to ship software, with a mission solely to minimise risk.
This talk is a detailed case study of bringing security into DevOps. We’ll look at the challenges and tactics, from the suboptimal starting point of a highly regulated system with a history of negative media attention. It follows an Agile-aspiring Government IT team from the time when a deployable product was "finished" to when the application was first deployed many months later.
This talk is about humans and systems - in particular how groups often need to flex beyond the bounds of what either side considers reasonable, in order to get a job done. We’ll talk about structural challenges, human challenges, and ultimately how we managed to break through them.
There are no villains - everybody in this story is a hero, working relentlessly through obstacles of structure, time, law, and history. Come hear what finally made the difference, filling in the missing middle of DevSecOps.

Learning Outcomes:
  • Understand challenges of bringing Security into DevOps in the most challenging situations
  • Experience a detailed story of a team going from "Done" to "Deployed" - in a painful 9 months!
  • Consider the structural changes which didn't work and the human hacks that did
  • Come away with lessons for starting an initiative and where *not* to compromise
  • Develop a sympathy for the conditions of US government technology


avatar for Elizabeth Ayer

Elizabeth Ayer

Product Manager, 18F
Who are you ?I'm the product lady who had to retire her battle cry of "Shippit!" after too many people misunderstood the intent. They can't take "early and continuous delivery of valuable software" away from me, though!As a product team leader, I have tripped and recovered my way... Read More →

Tuesday August 6, 2019 10:45 - 12:00 EDT
Chesapeake 10/11/12