DevOps is Now DevSecOps

Join us at DevOps Connect: DevSecOps @RSAC 2023 as we explore different ways to effectively integrate security into DevOps processes, discuss the emergence of security engineers in DevOps and explore the role of developer security champions.

We’ll take a look at the latest DevSecOps trends, best practices and technologies, while focusing on two main topics:

  • Shift left versus shift right security
  • Open source security

Shift Left Vs. Shift Right

While the “shift left vs. shift right” debate has been going on for some time, we’ve seen that adopting both shift left and shift right strategies enables DevOps teams to deliver the highest-quality software. Shifting security left and right speeds up software development efficiency, ensures performance, resilience and reliability. Join us for a holistic deep dive into shift left and shift right testing.

Open Source Security

Because of its public nature, open source software is a compelling target for malicious actors. At DevOps Connect: DevSecOps, top security experts will discuss:

  • Open source security risks and how to address them
  • How to operationalize SBOMs
  • How the tech industry and the government are working together to take action on open source security (e.g. Securing Open Source Software Act of 2022)
  • Why SBOMs alone can’t protect your software supply chain

Event Speakers


Keynote Session

Speaker Session

Panel Session


7:50 AM - 8:00 AM (PDT)
Welcome and Review The Day
Alan Shimel Mark Miller
8:00 AM - 8:30 AM (PDT)
What's on the horizon for Cybersecurity and Open Source in 2023
Mark Miller Kadi Grigg Katy Craig
8:30 AM - 9:00 AM (PDT)
Building an Engaging Security Champion Program
Dustin Lehr Jennifer Czaplewski
9:00 AM - 9:30 AM (PDT)
Securing the Software Supply Chain: Transparency in the Age of the Software Driven Society
Chris Hughes
9:30 AM - 10:00 AM (PDT)
Changing Mindset: What Cybersecurity Practitioners Can Learn From Tarot Cards
Caroline Wong Mark Miller
10:00 AM - 10:15 AM (PDT)
10:15 AM - 10:45 AM (PDT)
Keynote Session - DevSecOps: The Train Has Left the Station
Shannon Lietz
10:45 AM - 11:15 PM (PDT)
DevSecOps Operationalization
John Willis
11:15 AM - 11:45 AM (PDT)
The fastest growing open source security projects (The Open Source Security Index)
Andrew Smyth Chenxi Wang, Ph.D.
11:45 AM - 12:15 PM (PDT)
DevSecOps-ing the Infrastructure
Mike Rothman
12:15 PM - 1:00 PM (PDT)
Lunch Break
1:00 PM - 1:30 PM (PDT)
Applying AI to the SDLC: New Ideas and Gotchas
Tracy Bannon
1:30 PM - 2:00 PM (PDT)
Myths and Realities of Software Bill of Materials
DJ Schleen
2:00 PM - 2:30 PM (PDT)
Incident Response for Developers
Tanya Janca
2:30 PM - 3:00 PM (PDT)
CISO Panel - DevOps is Now DevSecOps
Alan Shimel David DeSanto Suzie Prince Shawn Ahmed Netanel (Nati) Davidi