Auditors want proof that only the right people did what they were supposed to do, when they were supposed to do it. And they want that information now. Developers run for cover whenever release managers show up with an audit request in their hands. Audit-ready pipelines address both these problems.
At the same time, DevSecOps requires several core building blocks in order to become a reality: multiple connected tools, using only immutable objects managed by automated approval gates, all governed by centralized RBAC and end-to-end visibility and data (from code commit to production deployment.) In other words audit-ready release pipelines.
In this session, attendees will learn what an audit-ready release pipeline looks like and how they can placate auditors quickly and not bring fear to your development teams.