Scaling Security: What Shifting Left Was Supposed To Mean

“Shifting Left” has become an industry buzzword that, to some, means they will finally get the organization to take security and DevOps seriously. But unfortunately, not everyone sees eye to eye on this subject yet. For a lot of people on the left side of the equation such as developers and platform engineers, this can seem like an oncoming avalanche of standards, 40+ page PDFs, and requirements that come from teams that might have never actually talked to the end customer.

In the average organization, the size of the dev team is much larger than the security teams, sometimes by truly staggering amounts. Shifting Left can mean everyone works cohesively to make sure security is implemented, tested, monitored, and reported effectively. We will walk through some of the best practices toward this common goal being implemented and popularized right now, with the goal of revealing the single underlying truth that shifting left can be a very positive thing for everyone involved.

In this session we will walk through:

  • A brief history of DevSecOps
  • That sharing security responsibility was supposed to solve
  • Where the disconnect is happening on most teams
  • Approaches to better security throughout the SDLC with minimum disruptions



Dwayne McDaniel


Developer Advocate at GitGuardian and huge fan of open source

Dwayne has been working as a Developer Relations professional since 2015 and has been involved in tech communities since 2005. He loves