DevSecOops: 15 years of DevOps and patching is still horrible (but should you care?)

One core truth of software that has held true over paradigm shifts is that if you deploy software, you’ll sooner or later have to deploy a fix to that software. DevOps, Cloud Native, & containers have all led the way in forcing us to rethink how we accomplish deployments with efficiency & scale. But these paradigms have also made the patching problem much worse. The explosion of FOSS, shifting choice left to development teams, decoupling applications into microservices, & the rise of the Cloud have all made patching that much more difficult in the modern day.

During this talk, we will explore the complications of patching a modern application platform, and will explore how teams can more effectively collaborate on the CVE mitigation process. We will also discuss how teams can go beyond patching for CVE mitigation by leveraging defense in depth practices. Attendees will leave with a better understanding of the challenges of modern architectures & practices, how to build effective CVE mitigation strategies, and how to collaborate with security teams better on the topic.



Michael Ducy

Michael Ducy currently leads a team of technical experts focusing on helping companies adopt and use Red Hat’s Cloud Services on AWS, Azure, and other public clouds. Michael has held a variety of ...