In today's fast-paced environment, teams are constantly aiming at delivering code, features and applications at an unprecedented speed. Agile and DevOps have heavily contributed to the increased go-to-market speed. However, this rapid development often neglects crucial security considerations, leaving systems vulnerable to cyber threats and compromises. DevSecOps is an approach that aims to bridge the gap between agility and security, by combining development, security, and operations.

Does this sound too good to be true? Are you wondering what could possibly go wrong?

Oftentimes there is a gap between theory and practice: this talk aims to explore the good practices for implementing DevSecOps and challenges associated, emphasizing the critical need for a cultural shift to foster its successful adoption. The challenges include security people being the fun police, developers being really lazy at times, but also the lack of awareness and education, different KPIs in the teams and organizational silos. We will examine real-world examples and best practices to provide practical insights into overcoming these obstacles.

By attending this talk, participants will gain a comprehensive understanding of the concept behind DevSecOps, the challenges associated with the implementation and learn practical techniques to initiate and sustain a cultural shift. This talk is intended for development, operations and security experts. They will leave equipped with actionable insights to effectively integrate security into their practices.