Skip to main content

RSA Presentation: At What Point Does DevSecOps Become Too Risky for the Business?

Every year, speakers bring their unique insights and perspectives to the RSA Conference. In February 2020, Security Compass’s Altaz Valani, Security Compass’ Research Director, and Hasan Yasar, SSD Division at Software Engineering Institute, Carnegie Mellon University presented: At What Point Does DevSecOps Become Too Risky for the Business?

This session covered the implementation of an automated, continuous risk pipeline that demonstrates how cyber-resiliency and compliance risk can be traced to and from DevSecOps teams working in the SDLC program and project levels. It also focused on asset management, DevSecOps tooling, policy-to-procedure platform and risk management platform.


Altaz Valani, Director of Research at Security Compass, manages the overall research vision and team. He is a regular conference speaker who conducts ongoing research in the software security domain. Prior to joining Security Compass, he was a Senior Research Director and Executive Advisor at Info-Tech Research Group, Senior Manager at KPMG, as well as various positions working alongside senior stakeholders to drive business value through software development. Valani is on the SAFECode Technical Leadership Council, CIO Strategy Council, the Open Group, and also sits on several IEEE working groups where cybersecurity and privacy challenges are being tabled at the international standards level.