Marc Walzer
Security and Data Protection Officer at Sherpany

Discussing security in a world of rapid changes and continuous delivery: DevSecCon London

Information Security has always been an important topic, and it gets more and more attention every day from different industries. Currently, tech businesses are demanding quick software releases cycles for new updates and features, leaving security in the background. It tends to be managed as an afterthought and put into a reduced timeframe.

Security, however, should not be sacrificed for the sake of a speedy delivery. This is where DevSecOps comes in place.

But, what is DevSecOps?

DevSecOps is an approach that relies on the intense collaboration between development, security and IT-operations. The three core competencies together create ways to build security into the development process in a continuous manner, without neither impacting critical deadlines, nor delaying a software's release cycles.

In order to be able to react fast to the rapidly changing requirements and deliver a highly secure service, Sherpany follows the DevSecOps approach. With greatly skilled developers, security quality gates already early in the development lifecycle, automated security assessments and external assurance, Sherpany delivers a very high level of security for all information stored in the Sherpany meeting software.

Nevertheless, we strongly believe that it's essential to acknowledge industry trends and learn about best practices to overcome internal challenges. That is why security team members from Sherpany have attended this year's DevSecCon conference in London, which took place during the month of October.

The DevOpsCon event

The DevOpsCon conference is a platform for leading experts to showcase their ideas in order to give different perspectives on common topics of the industry. This year's edition gathered 22 expert speakers and 350 attendees from different countries, industries and backgrounds. They all met in the heart of London for two days of intense discussions and exchange of ideas on best practices, current trends and innovative approaches.

"Attending the conference allowed me to get a better grasp of the trends in the field. It was also a great opportunity to meet people that shared valuable know-how, and had a lot of insightful, experience-based learnings for all those participating." explains André Carpinteiro, DevSecOps Engineer at Sherpany

Of all presentations, one stood out because of its fascinating concept. Matthew Pendlebury, Senior Security Consultant, MWR InfoSecurity, and expert in organisational defensive security, talked about "attack aware application".

The concept reveals that if an application is “attack aware” it does not rely solely on external components, such as antivirus software, firewall solutions or intrusion detection systems to detect malicious activity. What it can do, however, is to detect an attack by itself, and even react to it appropriately. The concept brings to light a big advantage: this type of behaviour can result in another layer of security in order to protect the sensitive information.

DevOpsCon London's agenda offered other insightful talks about threat modelling, security automation and instrumentation and many other topics. The event brought together experts from the fields of DevOps and Security ensuring an environment of learning and support for participants to make sure that their development and delivery cycles are secure. This added to the successful outcome of the event and made the team from Sherpany excited to attend this year's conference.

For more information on the subject, we invite you to read about the importance of software security at Sherpany.

Marc Walzer
Marc Walzer
Security and Data Protection Officer at Sherpany
Marc Walzer has a MSc in Business Information Technology and at Sherpany, he is responsible for information security and ensuring that personal information is managed appropriately.

Marc also wrote about Weak TLS Encryption: a wide-spread risk

Visit Website

Insights and Resources


Insights and Resources

Sherpany provides company news, expert articles, exclusive interviews, case studies and best practices on digitalisation and the transformation of the meeting culture of c-level executives, directors and corporate secretaries.

Examples include content about:

  • Agile meeting management software
  • Digitalisation and digital meetings
  • Governance and compliance
  • Efficient leadership

Try Sherpany

We are glad to provide you with a personalised demonstration of Sherpany at a suitable time and location. Simply fill in the form and we will get in touch with you shortly.

Contact us

If you would like to talk to us about our solution or have specific requests, contact us and we will get in touch with you shortly.

Request pricing

Fill in the form and you will be contacted as soon as possible.

Subscribe Newsletter