Last week, I shared a session from a previous Automation Guild, but this week, I'd like to share a session from our previous SecureGuild. So here is a presentation by Hasan Yasar on How to build a DevSecOps Pipeline as Code!

You've heard the hype and read dozens of blog posts on DevSecOps. Finally, your organization has decided to make this cultural shift to take advantage of automation and the benefits of DevOps.

However, making this shift as an engineering team can often be cumbersome because many tech professionals still need to familiarize themselves with the technologies required to implement a complete DevOps pipeline, including security automation.

In this talk, Hasan will introduce Microcosm, a miniature, secure DevOps pipeline he developed at the SEI, available through infrastructure as code. Microcosm represents a miniature version of a secure DevOps pipeline compared to what you find in a large enterprise environment.

Listen up as Hassan goes over crucial principles of the DevSecOps pipeline and shares his lesson-learned examples with the Security community.