SnykCon

In this section

Related articles

SnykCon Sessions Beyond the Devops Handbook - What about devsecops?Blow up your Security: We are all Engineers SnykCon Happy Hour: Live Coding Music with Sonic Pi Are You a Security Sherpa, or a Security Bully?Product Security Automation at Asurion Hackers don’t wear hoodies, they wear capes Do you accept the risk? Dynamic risk metrics in your environment.Disclosing security vulnerabilities: If You’re Good at Something - Never Do it for Free DevSecOps for Platform Teams: A Discussion on Making It Easy to Do the Right Thing DevSecOps - Views from the coal face Navigating DevOps Security journey at Scale using OWASP SAMM 2.0 Host Like Your Planet Depended On It

Exit Stage Left: Eradicating Security Theater

Connections and Intersections between Resilience Engineering and Security Whoops! I Committed It Again: Configuring Git to Prevent Accidental Commits Utilizing Dojos to Instill a Culture of DevSecOps

Want to try it for yourself?

Exit Stage Left: Eradicating Security Theater

0 mins read

| Keynote |

Kelly Shortridge, VP of Product Management & Product Strategy, Capsule 8

Information security is often perceived as the surly gatekeeper of I.T. whose iron grip chokes software delivery. Infosec commands the stage in this security theater, instituting punitive policies, procedures, and controls masquerading as security strategy. The negative side effects created by these “strategies” are traditionally overlooked when measuring security outcomes, resulting in superficial progress at the expense of organizational growth and productivity.

In this SnykCon talk, Kelly Shortridge unmasks security theater and explores how it leads to increased organizational friction, especially in the realm of software delivery, rather than promoting safety. She contrasts these dramatics with a security chaos engineering approach – one which embraces the importance of convenience, alignment with organizational goals, and the wisdom derived from failure. Finally, she concludes by exploring pragmatic approaches to security approval patterns that accelerate software delivery, level up security, and foster a collaborative culture between dev, ops, and infosec.

Thirsty for more? Check out Snyk's DevSecOps Hub for more resources and tips:

Up Next

Connections and Intersections between Resilience Engineering and Security

In this SnykCon keynote John Allspaw describes this critical field, lays out some of the few connections that have been made to security in software-centered environments

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start free Book a live demo

Product

Resources

Documentation Snyk API Docs API status Disclosed vulnerabilities Support portal & FAQ’s Blog Security fundamentals Resources for security leaders Resources for ethical hackers Vulnerability Database Snyk OSS Advisor Snyk Top 10 Videos Customer resources

Company

About Customers Careers Events Snyk for government Press kit Security & trust Legal terms Privacy For California residents: Do not sell my personal information Website Terms of Use

Connect

Book a live demo Contact us Support Report a new vuln

Security

Application Security Container Security Supply Chain Security JavaScript Security Open Source Security AWS Security Secure SDLC Security posture Secure coding Ethical Hacking AI in cybersecurity Code Checker Python Enterprise Cybersecurity JavaScript Snyk With GitHub Snyk vs Veracode Snyk vs Checkmarx

© 2024 Snyk Limited
Registered in England and Wales