Explaining DevSecOps Engineer FULLY (Is It Right For You?)

Рет қаралды 5,323

Күн бұрын

Пікірлер: 24

@geekspeak1066 2 жыл бұрын

I have a strong security architecture not devops. The learning curve was steep but possible. SANS Sec540 training helped glue everything together.

@CloudSecurityPodcast 3 жыл бұрын

Thanks for having our host on the show Gerald! You are a good interviewer :)

@SimplyCyber 3 жыл бұрын

🥰 You are very kind. Ashish was insightful and a delight.

@9fxhrlif9er 2 жыл бұрын

Your video is not explaining the role of a DevSecOps Engineer "FULLY." I am a DevSecOps Engineer and the role of a "DevSecOps Engineer" is much, much more than just building and maintaining CI/CD pipelines for deploying an application into Production with additional security checks. This is a major misconception people have with the term DevOps and DevSecOps as a cultural methodology vs what an actual DevOps or DevSecOps Engineer actually does. We do everything a DevOps Engineer does (the role of a Cloud Engineer and the role of a Systems Administrator, utilizing Infrastructure as Code/automation), but we also automate, manage, and maintain the security tools in addition (firewalls, IDS, IPS, etc) to meet compliance set fourth by RMF. In short a DevSecOps Engineer (at least at my organization) does DevOps (again which is not strictly CI/CD

@SimplyCyber 2 жыл бұрын

Want to come on as a guest?

@AshishRajan 3 жыл бұрын

Thanks for having me on to talk about DevSecOps Gerald! :)

@SimplyCyber 3 жыл бұрын

Your insight was well received by the community.

@CFH298 3 жыл бұрын

Is DevSecOps considered a track within Cybersecurity? I’m currently an ISSO and work with the RMF (GRC) and would like to pursue this track in the cleared space. DevSecOps is huge and new with the DoD and all the software factories standing up.

@AshishRajan 3 жыл бұрын

Yes James - that is correct!

@CoachRob619 10 ай бұрын

How did you land your ISSO role?

@DanteakaHarsh 3 жыл бұрын

Timestamps 0:00 Preview 1:26 What is the DevSecOps Engineer job? 7:07 What skills are needed to do the job? 12:13 What is/are the PROS of the job? 13:57 What is/are the CONS of the job? 17:12 Best way to get these skills?

@TheSpaniard314 3 жыл бұрын

Thanks for the great video! I agree about automating SAST and the mountain of false positives it can create being a massive headache. I am currently working as a DevSecOps Engineer. I would really like to hear about Ashish's journey from DevSecOps to CISO. That is my long term career goal, but I struggle with what to do next to make sure I am moving in that direction.

@SimplyCyber 3 жыл бұрын

Thanks for sharing! I'll message Ashish and see if he can answer that (or if he wants to come back on stream).

@jacksonrichardson1197 21 күн бұрын

@@TheSpaniard314 hey i’m looking to get into dev spec ops could you give me some tips?

@BobBob-qm2bm 3 жыл бұрын

Keep on bring the knowledge Gerry!

@satish1012 8 ай бұрын

But once the dev ops pipeline is established after that does this DevSecOps engineer would do. What is mean if we we have team of 3 to 4 people they would have not much to do after the pipeline establishment

@PetritK10 3 жыл бұрын

Great as usually, thank you :D

@SimplyCyber 3 жыл бұрын

Thanks so much. Ashish was great to talk to and really answer this question. ( I was wondering the answers too).

@cheftp404 3 жыл бұрын

That was excellent. I had been wondering exactly what devsecops meant. A good goal to focus towards

@SimplyCyber 3 жыл бұрын

Glad it was helpful!

@pauloseputhenpurackal3135 3 жыл бұрын

great video..i am currently into SOC in India.only problem for me are rotating shifts every week which is not suitable for my health..can you suggest roles after SOC that does not require shift work..any videos..btw great video

@SimplyCyber 3 жыл бұрын

Not sure how it works in India but digital forensics and malware Analyst are bot out of the blue side and would be familiar to soc analyst. I do have videos for each on the channel.