Continuous Integration and Delivery/Deployment helps speed up development and review workflows. Developers now can focus on code reliably tested in different environments. Once in a while the operations team gets paged on broken pipelines and jobs being stuck. Then the security audit has unveiled plain text secret exposure and dependency exploits.

The next horror story: The software cannot be deployed anymore since package dependencies are broken in a new distribution.

In this talk we take a different look and hear stories on making CI/CD pipelines more secure. Automated deployments and package/container repositories will also help to avoid redundant cycles and extra work hours.

In addition to that monitoring/observability combined with automation ensures to sleep in busy on-call times. No matter where you see yourself – in Dev, Sec or Ops.