Working Group
DevSecOps
This group defines best practices and provides guidance and playbooks to help teams implement security into their DevOps process.
View Current ProjectsSix Pillars of DevSecOps
Working Group Co-Chairs

Chris Kirschke
Cloud Portfolio Information Security Officer at Albertsons Companies
Security Leader with over 20+ years of experience across Financial Services, Streaming, Retail and IT Services with a heavy focus on Cloud, DevSecOps and Threat Modeling. Advises multiple security startups on Product Strategy, Alliances and Integrations. Sits on multiple Customer Advisory Boards helping to drive security product roadmaps, integrations and feature developments. Avid hockey player, backpacker and wine collector in his spare t...

Sam Sehgal
Sam is the program leader and a distinguished engineer in the security organization at Dell. Sam has extensive experience with the modern secure DevOps practices needed to govern product and application security programs. He currently leverages his skills at Dell and leads the DevSecOps program. In this role, he focuses on DevSecOps security and architecture, as well as Secure Development Lifecycle (SDL) automation.

Kapil Bareja
Global Technical Manager
Thought Leader with over 18+ years of experience in various disciplines of Information Security specializing in Cloud based security solutions, Identity and Access Management, Privacy and Data Protection. Kapil is serving as Chapter Chair for IAPP New Jersey local chapter and member for Chief Privacy officers council. He is also an Advisory board member for VigiTrust and Sovrin. He is advisor chair to Advanced Technology Academic R...
Publications in Review | Open Until |
---|---|
HSM-as-a-Service Use Cases, Considerations, and Best Practices | Dec 09, 2023 |
Glossary of Data Security Terms | Dec 28, 2023 |
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Virtual Meetings
Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.
Dec
7
Core Group - CSA DevSecOps
Jan
4
Core Group - CSA DevSecOps
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.