I notice that "security" doesn't figure in the devops slide at all. Bundling a whole load of untracked, old libraries together and then exposing it on the web might not be the best idea in the world.