How do you measure how secure your application is? While at NDC London, Carl and Richard chatted with Victoria Almazova about her work around measuring DevSecOps. Victoria talks about making security part of the DevOps cycle, which is part of every build and measured constantly. The conversation moves to traditional penetration testing and the challenges of incorporating security improvements into applications. But what if your security efforts shifted to the left and became part of your development practice? Then there would be fewer fixes to make!

Support this podcast at — https://redcircle.com/net-rocks/donations