Security as code: A DevSecOps approach

“In this talk, I am inviting you to apply some lessons learned from DevOps to implement a successful DevSecOps culture, in particular how we can make developers contribute to automated security checks.


  1. The specific challenges of shifting security left
  2. What did we learn from DevOps?
  3. Security as code with CodeQL. When developers take ownership of their security

(Note: CodeQL is a GitHub product, free for open source code)”


Xavier Rene-Corail

After 10 years as a software developer, then 10 years implementing best practices for a team of 250 developers (Agile principles, shifting left quality, devops culture …), I am now leading the ...