How does a traditional security team cope with a move to DevOps?
In this talk we will discuss the challenges facing a traditional security team familiar with incident management, traditional network and infrastructure controls who are faced with challenges from both their development and operational teams to be more responsive and pro-active; yet may not be familiar with much of the terminology or emerging best practices from those domains. A case study of a large investment bank will show how an application security team can adopt practices which allowed them to drive security rather than being an impediment to secure application delivery.