DevSecOps: Why, Benefits and Culture Shift

Vikash Chhaganlal

Head of Engineering at Xero


Why DevSecOps?

The first factor is Speed - the rate at which code is pushed to repos and released into production. Continuously Integrate the code. Fast feedback loop

The second factor is Scale - the applications being developed must scale to the demands of the customers

The third factor is Safe - Adoption of security through the entire SDLC

The fourth factor is Simple - Must always strive for simple and efficient ways. Standardisation of tools

The fifth factor is Stewardship - Lesser hand-offs between teams and/or members

Business Benefits

1 - Early identification of security / operational risks

2 - Faster time to market

3 - Faster feedback loop

4 - Lower the cost of change/delivery

5 - Evidence of compliance

Principles On How We Can Build A DevSecOps Culture?

1 - Short and frequent development cycles

2 - Incorporate and automate security as much as possible from the very beginning

3 - Leverage technologies that help agility

4 - Wider collaboration with all the teams (InfoSec and all the teams)

5 - Frequent communication

6 - Lesser hand-offs

7 - Influence in the culture shift within wider Xero (inputs on how we can improve the DevSecOps maturity)

8 - Practice what you preach (Transformation through delivery)

Be notified about next articles from Vikash Chhaganlal

Vikash Chhaganlal

Head of Engineering at Xero


Connect and Learn with the Best Eng Leaders

We will send you a weekly newsletter with new mentors, circles, peer groups, content, webinars,bounties and free events.


HomeCircles1-on-1 MentorshipBounties

© 2024 Plato. All rights reserved

LoginSign up