Parveen ARORA (Member, DevSecOps WG, CSA & Co-Founder & Director, VVnT Foundation) presented on "Bridging the Compliance & Development Gaps with DevSecOps." It is important to recognize the compliance objectives and translate them to appropriate security measures. CSA recommends "Six Pillars of DevSecOps" & provides a high-level set of methods and solutions to build software at speed with minimal security-related bugs. CSA provides guidance to ensure the gap between compliance & development is addressed by identifying inflection points within the software development lifecycle where these controls can be embedded, automated, measured, & tested in a transparent & easily understood way. CSA & SAFECode aim to continuously improve software security outcomes. The recent publication covers in-depth details on Framework for Bridging Compliance and Development with the use of DevSecOps practices. A recording of his speech can be viewed athttps://www.csaapac.org/csavietnamvsummit2022.html.
------------------------------
Hing-Yan Lee
EVP APAC
Cloud Security Alliance
------------------------------