
DevOps is now a well-established practice within organizations. But it's not enough in the modern era, which is why the concept of DevSecOps is now getting popular. One of the companies at the leading edge of this change is WhiteHat Security. As Setu Kulkarni, Vice-President, Strategy and Business Development, tells ActualTech Media CEO Scott Lowe in this RoadCast, embedding security throughout the software development lifecycle is much easier when it's integrated with DevOps.
One reason DevSecOps improves a company's security posture is that it brings more people into the conversation, Kulkarni says. Since communication is a key pillar in DevSecOps, security is built into the process, rather than bolted on as an afterthought. Click on the video above to watch the discussion.
In the next video, below, Kulkarni and Lowe discuss the changing nature of the Chief Information Security Officer, or CISO. Kulkarni calls it "CISO 1.0 vs. CISO 2.0." The new CISO, for instance, has to be more business-centric than previously, taking a more holistic approach to security. They also have to put long-term programs in place to address security concerns.