From DevOps to DevSecOps: Evolving Security Responsibilities

If you're tired of hearing "shift left" in DevSecOps and seeing little real change, you're not alone.

In this episode, David Mytton (CEO of ArcJet, founder of Console.dev) breaks down why traditional approaches to developer security often fail. He reveals the core conflict between developers (who want to build fast) and security teams (who want to mitigate risk), and explains why this misalignment of incentives can be detrimental for your software. Learn why simply handing devs more security tools isn't enough.

David shares his insights from years of experience reviewing developer tools and building security products. He discusses the importance of developer-centric design, the power of the right incentives, and the need for security solutions that seamlessly integrate into the developer workflow. Plus, he reveals the secrets to successful developer marketing and why traditional approaches often backfire.

Tune in to discover how to foster a security-conscious culture within your engineering team, without stifling innovation or creating unnecessary friction. Learn how to empower developers to build secure software by design, and discover the tools and strategies that are shaping the future of DevSecOps.

Check out:

• Translating DevEx to the Board 
• Beyond the DORA Frameworks
• Introducing AI-Powered Code Review with gitStream

Follow the hosts:

• Follow Ben
• Follow Andrew

Follow today's guest(s):

• console.dev
• arcjet.com

Support the show:

• Subscribe to our Substack
• Leave us a review
• Subscribe on YouTube
• Follow us on Twitter or LinkedIn

Offers:

• Learn about Continuous Merge with gitStream
• Get your DORA Metrics free forever