Skip to main content

Exit Stage Left: Eradicating Security Theater

0 minutos de leitura

| Keynote |

Kelly Shortridge, VP of Product Management & Product Strategy, Capsule 8

Information security is often perceived as the surly gatekeeper of I.T. whose iron grip chokes software delivery. Infosec commands the stage in this security theater, instituting punitive policies, procedures, and controls masquerading as security strategy. The negative side effects created by these “strategies” are traditionally overlooked when measuring security outcomes, resulting in superficial progress at the expense of organizational growth and productivity.

In this SnykCon talk, Kelly Shortridge unmasks security theater and explores how it leads to increased organizational friction, especially in the realm of software delivery, rather than promoting safety. She contrasts these dramatics with a security chaos engineering approach – one which embraces the importance of convenience, alignment with organizational goals, and the wisdom derived from failure. Finally, she concludes by exploring pragmatic approaches to security approval patterns that accelerate software delivery, level up security, and foster a collaborative culture between dev, ops, and infosec.

Thirsty for more? Check out Snyk's DevSecOps Hub for more resources and tips:

Up Next

Connections and Intersections between Resilience Engineering and Security

In this SnykCon keynote John Allspaw describes this critical field, lays out some of the few connections that have been made to security in software-centered environments

Continuar lendo