Working Group
DevSecOps
This group defines best practices and provides guidance and playbooks to help teams implement security into their DevOps process.
View Current ProjectsSix Pillars of DevSecOps
Working Group Co-Chairs

Chris Kirschke
Cloud Portfolio Information Security Officer at Albertsons Companies
Security Leader with over 20+ years of experience across Financial Services, Streaming, Retail and IT Services with a heavy focus on Cloud, DevSecOps and Threat Modeling. Advises multiple security startups on Product Strategy, Alliances and Integrations. Sits on multiple Customer Advisory Boards helping to drive security product roadmaps, integrations and feature developments. Avid hockey player, backpacker and wine collector in his spare t...

Sam Sehgal
Sam is the program leader and a distinguished engineer in the security organization at Dell. Sam has extensive experience with the modern secure DevOps practices needed to govern product and application security programs. He currently leverages his skills at Dell and leads the DevSecOps program. In this role, he focuses on DevSecOps security and architecture, as well as Secure Development Lifecycle (SDL) automation.

Kapil Bareja
Global Technical Manager
Thought Leader with over 18+ years of experience in various disciplines of Information Security specializing in Cloud based security solutions, Identity and Access Management, Privacy and Data Protection. Kapil is serving as Chapter Chair for IAPP New Jersey local chapter and member for Chief Privacy officers council. He is also an Advisory board member for VigiTrust and Sovrin. He is advisor chair to Advanced Technology Academic R...
Publications in Review | Open Until |
---|---|
The Six Pillars of DevSecOps - Collaboration and Integration | Oct 20, 2023 |
Key Management Lifecycle Best Practices | Oct 26, 2023 |
Cloud Security Maturity Model 2023 | Oct 26, 2023 |
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Virtual Meetings
Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.
Sep
27
Privacy by Design Workshop 2
https://cloudsecurityalliance.zoom.us/meeting/register/tZ0oce2pqz0uGdZHPTIsZe5KlqdA4K01dSNC
Oct
5
Core Group - CSA DevSecOps
Nov
2
Core Group - CSA DevSecOps
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.