Banking and financial technology has been at the forefront of DevOps and DevSecOps when it comes to developing new processes for cultural transformation and the integration of security into the software development lifecycle. This session will focus on various solutions involving DevSecOps and how Prudential is inching towards reaching maturity in different areas of the business, with real life examples.

If a strategy determines the road your organization will take, culture is the engine that determines how fast you will go down that road. More than ever, leaders must ensure that their organizations can not only survive disruption but thrive with it. We’ll look at the three beliefs of disruptive organizations and how to build a culture operating system optimized for disruption.

Join Steven Sim as he discusses:

• Why you cannot apply DevOps sustainably without addressing application security along the way
• Avoiding a buildup of hidden “technical debt” in the form of unidentified security defects and vulnerabilities in your applications
• Honoring the crucial trust among your development, operations and security teams to motivate them to work collaboratively to rapidly deliver business value

In this session we’ll introduce the Four (good) Horsemen of DevSecOps that will help you to safeguard your Digital transformation journey: 1) Security Architecture Design review; 2) Static and Dynamic code analysis; 3) Container and Cloud security; and 4) Continuous Compliance. Learn how to kick start your DevSecOps journey confidently and securely while accelerating the pace of software delivery.

Companies still aren't getting security basics right, and it's costing millions. Drawing on experience as a security engineer and bug bounty program lead at India's largest e-commerce platform, Christine will introduce some of the most common security vulnerabilities, including simple misconfigurations and unpatched components, and the fixes which could have prevented some of the largest breaches in recent history.

Being able to operate business reliably and remotely is of paramount importance. It is critical for organizations to be able to perform continuous integration and deployment to roll out firmware, application and security patches to connected devices. Attendees will learn how to build an automated DevSecOps pipeline for IoT workloads to accelerate business outcomes and keep devices, data and IP secure.

Have you struggled to get security baked into your DevOps process or have your security needs taken a back seat to "run fast and break things"? Join for this deep dive into adding container scanning to a DevOps pipeline. We'll enumerate the security tool categories and provide tips for adding these tools to your development workflow, build pipeline, and production monitoring setup. You can achieve a robust security posture and still release continuously.

The software development and application security testing landscapes have changed significantly over the years. Application security, however, has not quite kept up and doing security is still an onerous and frustrating process, with security still slowing development down. Edwin will share a different approach to application security, where we're shifting security further left and focusing on the application's supply chain.