DevSecOps At Scale – Stay Secure
Sonatype is a software vendor which has a large number of applications in the CI/CD and security industry. Tools include Nexus Repository and professional to store artifacts and Nexus Lifecycle. Wiebe de Roos gave a presentation as part of AllDayDevops: DevSecOps At Scale – How Team Autonomy Helps The Enterprise Stay Secure.
All Day Devops – 24hours
The presentation was part of a 24h live-stream of different webinars which were broadcasted all over the world. Previously Wiebe presented the improvements of CI/CD processes and implementation at ABN AMRO. This time, the session was all about team autonomy and security. He worked together with Dominik de Smit.
Implementation of Sonatype tools
The journey of ABN AMRO about CI/CD could not have been a success without the implementation Sonatype tools. Most of these tools are used throughout the entire software development department. More than 350 Agile teams deliver software on a daily basis. As soon as a new team joins, the team members will be onboarded to all of the tools (automatically).
In the presentation we highlighted a roadmap from 2017 and 2018 which showed the security stages which were implemented as part of the “secure coding” program. Part of the secure coding program was a highler level of team autonomy. Challenges arrived to keep all of the software components secure. We gave a lot of best practices and examples on how to achieve this. Sonatype tools helped a lot to facility this journey.
Around 400 people visited the webinar and the reactions and comments of the audience was very well received. After the session, there’s room for questions and discussions. Interaction is king to improve stuff and to spread knowledge. We value the opinion of the audience a lot.