Book Overflow Shifting Left on Security - The DevOps Handbook
Jul 21, 2025
Discover the crucial role of integrating security early in the software development lifecycle. Learn how to balance security with innovation in DevOps, fostering a blameless culture that encourages learning from failures. Explore the benefits of adopting Terraform and Cloudflare to enhance infrastructure and user experience. Delve into innovative security practices, including the concept of 'shifting left' to streamline compliance while developing features. Finally, witness the transformation of relationships between security and development teams, leading to collaboration and enhanced efficiency.
AI Snips
Chapters
Books
Transcript
Episode notes
Shifting Left on Security
- Shifting left on security means integrating security best practices from day one of development.\n- Waiting until the end for security review is too late and delays deployment.
Amazon's Risk-Taking Culture Shift
- Amazon encouraged big risk-taking teams, accepting failures and reassigning engineers.\n- However, layoffs targeting these teams chilled the risk-taking culture.
Value of Game Days
- Conduct game days simulating real outages to test incident response and improve team coordination.\n- Use strategies like rolling releases or regional failovers to limit customer impact during game days.
