Compliance & Regulatory Standards are NOT Incompatible with Modern Development - Charity Majors

Compliance & Regulatory Standards are NOT Incompatible with Modern Development Best Practices This talk was recorded at NDC Porto in Porto, Portugal. #ndcporto #ndcconferences #security #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com https://ndcporto.com/ Subscribe to our YouTube channel and learn every day: /@NDC Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences/ Everybody knows that modern development practices include things like testing in production, continuous delivery, observability driven development, and separating deploys from releases using feature flags. Yet far too many times I've heard engineers from highly regulated industries complain that they have to follow a bunch of security theater due to regulations and standards. This is categorically false: there is NOTHING in ANY regulation or standard to prevent you from using modern development best practices. Let's take a stroll through the regulatory landscape and talk about how to make your case (and who to make your case to). A massive competitive advantage will accrue to those teams who can figure out how to make regulatory compliance compatible with fast feedback loops, which means that this is a fight very much worth fighting.