Invited Talk

"A Practical Insights into DevSecOps using an example from the US DoD"

Guenjun Yoo

Senior Technical Account Manager

Talk Abstract

The cutting-edge software development methodology, DevOps, emerged about 10 years ago, and integrating security into DevOps has become the new norm in modern software development, regardless of Cloud or on-premise environments.

In this invited talk, DevSecOps evangelist Guenjun provides practical insights into DevSecOps using an example from the US Department of Defense (DoD), an organization that demands the highest level of security and innovation in its DevSecOps practices.

The US DoD has released an unclassified guide on Enterprise DevSecOps, titled "DoD Enterprise DevSecOps Reference," continuously updating it to remain relevant. Today, this guide stands as the most referenced resource worldwide for DevSecOps practices.

The "DoD Enterprise DevSecOps Reference Design" offers a comprehensive framework for implementing DevSecOps within the US DoD, highlighting key principles, methodologies, and best practices for integrating security into the DevOps pipeline. It underscores the significance of collaboration alongside automated CI/CD in a secure microservices environment, providing guidance on cultural transformation, toolchain integration, and secure coding practices.

This invited talk serves as an invaluable learning opportunity, showcasing secure collaboration in software development and operations with a real-world example from the US DoD. It is a testament to the evolving landscape of DevSecOps and its critical role  in modern-day security-conscious software development.


Short Biography

Guenjun Yoo is a senior Technical Account Manager in Mattermost and he is a DevSecOps evangelist with a passion for innovation and technology. With a solid background in software engineering and DevOps practices, he has demonstrated expertise in architecting and implementing scalable and secure DevOps solutions.

Throughout his career, Guenjun has worked with leading DevSecOps solutions, where he has contributed to the development and deployment of cutting-edge software solutions to various enterprises. His proficiency in DevOps methodologies, including source code management, CI/CD and collaboration, has enabled him to streamline processes and enhance productivity across teams in secure environments.