DevSecOps worst practices – the series
Blog post from Semgrep
The author recounts moving from a Waterfall methodology in the Canadian Public Service to a role at Microsoft involving DevSecOps, and rapidly learning DevOps and DevSecOps through practical application and live coding on platforms like Twitch. This learning curve included both failures and successes, such as dealing with false positives during live presentations and struggling with tool implementations. Over time, the author gained expertise by assisting clients at IANS Research with Azure and AppSec issues and by coaching companies to develop their DevSecOps programs. Through continuous learning from conference talks, articles, and hands-on experience, the author gathered insights into common pitfalls in DevSecOps. This led to a conference talk and blog series discussing 15 'worst practices' to avoid, aiming to help others navigate the complexities of DevSecOps effectively by learning from past mistakes.