DevSec-Oops – secure delivery doesn’t have to be so hard


This event took place on Sep 21, 2022

Approximately 1 hour(s) with question time included.

About this event

Why does securing our systems so often feel disruptive, box ticky, and well… hard? The transformation of software delivery over the last decade has given us plenty of practice building secure delivery into our systems, yet still we come up against the same problems again and again. Find out how to make DevSec-Oops a thing of the past in this talk with security transformation expert Chris Rutter. 

By adopting a set of effective paths to software delivery, we’ve improved how we build, test, deploy, and operate software systems, gaining faster time to market and more reliable systems. So why, when it comes to security, do we still get bogged down by the hundreds of questions, the weeks of pen testing, and the avalanche of spreadsheets? 

In this talk we’ll explore common frustrations encountered when securing products; we’ll dive into causes and provide concrete, practical, and battle-proven techniques to counter situations you’ll be all too familiar with: 

  • Black-box security reviews and tests are blocking my release.
  • A massive chunk of security work just landed on me out of nowhere.
  • I can’t prove the value of any of this security work, other than I ticked some boxes and gained approval!
  • I spend hours and hours doing the same security activities and fixes, and so does everyone else I speak to.

Learn how to overcome these hurdles to build secure systems that comply with security requirements while enabling modern, agile and productive delivery at scale. We’ll explain why: 

  • Empowering delivery teams to self-assess is key to genuinely securing software delivery.
  • Measuring security health is possible, and can be used to scale, prioritise and celebrate positive security improvements.
  • Empathy for your InfoSec team is crucial – they want to succeed and they’re part of the same organisation as you.
  • Friction and wasted time in security processes can, and must be removed

Join us for more ‘ooh’ and less ‘oops’ in your DevSecOps.


This talk takes place at:

6pm BST

7pm SAST

10.30pm IST

1pm ET (US)



DevSec-Oops – secure delivery doesn’t have to be so hard

This event has ended however you can watch it, along with other past events, via the link below.


Chris Rutter
Security Principal

Chris is Security Principal at Equal Experts, and specialises in transforming security technology and processes to support delivery, scale and measurable security improvements.


Chris has helped transform how security is approached within small teams, on large digital platforms, and everything in-between. He has worked across government, retail and financial services industries to successfully improve measurable security, reduce delivery friction and introduce lasting process and technical change for each company he has engaged with.

In this talk, Chris draws on his vast experience with high profile and high security organisations to dispel some of the myths – and address the frustrations – of working in DevSecOps.