DevOps is quickly becoming DevSecOps, so this talk is for anyone who wants to learn from others past mistakes instead of by doing. In this talk, Art Garcia will share some common security missteps and the tools that to solve for them, like building a secure pipeline and running credential scanners.

DevOps is quickly becoming DevSecOps, so this talk is for anyone who wants to learn from others past mistakes instead of by doing. All good developers have put a connecting string in a database while writing source code, which is a Security 101 No-No. It is something everyone does- but shouldn’t- and if you keep doing it, catastrophe can occur. So, if it’s so bad… Why do we do it? And what can we do about it? In this talk, Art Garcia will share some common security missteps and the tools that are available to solve for them. He will walk you through building a secure pipeline, running credential scanners, and share stories from the trenches.

Tito Martinez is a Principal Technical Program Manger on the Commercial Software Engineering team (CSE), which is a global engineering organization that works directly with the largest companies and