Earlier today, GitHub published a success story highlighting the great work completed by my DevSecOps team to standardise and automate the developer experience, whilst enforcing security standards and enhancing security visibility.

GitHub Success Story

With digital and data business models becoming the standard across every industry, the ability to ship reliable, scalable and secure code is more critical than ever before.

As a result, the team seized the opportunity to position GitHub as the common DevSecOps platform across the enterprise, including pre-built patterns (using HashiCorp Terraform) that unlock speed to value and agility through reuse, whilst promoting concepts such as innersourcing to drive continuous improvement.

These patterns, combined with GitHub Actions and GitHub Advanced Security, ensure security, privacy and quality standards are proactively enforced through programmatically defined controls.

The result, in 2021, infrastructure and application provisioning took an average of 600 hours (> 25 days). Through the new DevSecOps automation foundation, this lead time was reduced to 30 mins (< 1 day).

I highly recommend reviewing the success story for more details and/or connecting with the project lead, Calum Bell.

enterprise devops devsecops git github github_actions github_codespaces github_advanced_security github_copilot microsoft development programming chief_technology_officer cto architecture enterprise_architecture ea chief_information_security_officer ciso information_security cybersecurity security innovation strategy lifeinwork