3137 DevSecOps Transformation at IBM with Speek and Scale.pdf

1、October 21-24,2024Mandalay Bay Convention CenterLas Vegas,NevadaSession 3137Philippe Mulet,IBM Cloud Platform Automationphilippe_ DevSecOps Transformation at IBM with Speed and Scale#IBMTechXchangeBusiness Outcomes by the NumbersTEAMSTEAMS adopted theDevSecOps platform to unlock time for other prior

2、itiesPERSON YEARSPERSON YEARSof timesaved across 150 adopting teamsAgenda01 Why DevSecOps Transformation at IBM?02 IBM DevSecOps Platform03 Accelerating Adoption&Growth04 Business OutcomesIBM TechXchange|2024 IBM Corporation#IBMTechXchangeDriving factors for DevSecOps TransformationRegulatory requir

3、ements,industry standards,and client expectations for a secure software supply chain are intensifying and common solution is needed to ensure efficiency and consistency across IBMRepeatable end-to-end supply chain security is only possible through automation of CI/CD processesDuplication of effort a

4、cross development teams must be greatly reduced to keep developers productive and IBM competitiveVisibility into the security posture of all IBM products is required for efficient identification and remediation of vulnerabilities across the enterprise4IBM TechXchange|2024 IBM Corporation#IBMTechXcha

5、ngeRequired automation to meet new security&compliance directives leads to inconsistency and duplication of effort from teams when implemented in silosPrescriptive automation makes Prescriptive automation makes doing the right thing the easy doing the right thing the easy thingthingNISTControlsSBOMS

6、erviceCORPORATE SECURITY Policy Platform and version Secrets and credentials detection Inventory of open-source libraries Open-source dependency vulnerabilities Code quality and automated test coverage Static Application Security Testing vulnerabilities Container image vulnerabilities Artifact signi