Turbo Eureka - Mike Long & Øyvind Fanebust - NDC Security 2023

Can we turn security, regulations and compliance into a fun devops project? This talk tells the story of how Stacc, a leading software provider to the financial services sector extended devops to prepare for ISO27001 security certification. Stacc has been around since 2016, and grown over the years through new product lines, and mergers and acquisitions. We have been early adopters of devops principles, and moved with the times when it comes to software development. Recently we made a company commitment to achieving ISO27001 security certifications. This talk describes our journey through the process of getting an ensemble of companies, teams and tech stacks together to meet the same standard. With the help of devops, it will show how we avoided the “one-platform-to-rule-them-all”, what we learned along the way, and what we still have to solve. Check out our new channel: NDC Clips: https://www.youtube.com/@UCDAfoBRLbriD_c4F-DznWcA Check out more of our featured speakers and talks at https://ndcconferences.com/ https://ndc-security.com/