<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta />
    <article-meta>
      <title-group>
        <article-title>Secure Software Engineering in DevOps and Agile Development</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Martin Gilje Jaatun</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Daniela Soares Cruzes</string-name>
        </contrib>
        <aff>SINTEF Digital, Trondheim, Norway</aff>
      </contrib-group>
      <abstract>
        <p>Software security is about protecting information and ensuring that systems continue to function correctly even when under malicious attack. The traditional approach of securing a system has been to create defensive walls such as intrusion detection systems and firewalls around it, but there are always cracks in these walls, and thus such measures are no longer sufficient by themselves. We need to be able to build better, more robust and more "inherently secure" systems, and we should strive to achieve these qualities in all software systems, not just in the ones that "obviously" need special protection. Software security reached prominence with the publication of Gary McGraw's book in 2006, but was of course not invented then. However, few software development organizations other than those involved with creating security software saw the need for paying much attention to software security, and thus the secure software development frameworks available tended to be rather clunky and not particularly suited to the emerging agile software development approaches. If we accept the earlier stated premise that software security is necessary for all software, there is clearly a need for software security methodologies that also work with agile.</p>
        <p>This year the workshop was co-located with ESORICS 2017 in Oslo, Norway. This year's workshop focused on techniques, experiences and lessons learned for engineering secure and dependable software using the DevOps paradigm, as well as other forms of agile development. The program of the workshop comprised three different forms of contributions. The keynote speaker was Laurie Williams from NCSU, who presented the Experiences with Continuous Deployment and Software Security in Google, Netflix, Facebook and others. We have also included two presentations from industry as a form of opening the communication between academia and practice: Dr. Jostein Jensen presented the experiences from Kongsberg Digital on industrial enterprise security and Per Kronstrom presented the experiences of Visma Software with static analysis tools.</p>
        <p>Of course, a workshop would not be a success without the hard work of the many researchers and practitioners who submitted their papers for review.</p>
        <p>Copyright © 2017 by the paper's authors. Copying permitted for private and academic purposes. In: M.G. Jaatun, D.S. Cruzes (eds.): Proceedings of the International Workshop on Secure Software Engineering in DevOps and Agile Development (SecSE 2017), published at http://ceur-ws.org</p>
      </abstract>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>-</title>
      <p>This year we received 11 submissions, from which we selected 6 for presentation at
the workshop and inclusion in these workshop proceedings.</p>
      <p>We are grateful for the hard work performed by our Technical Program
Committee:</p>
      <p>We would like to gratefully acknowledge the hard work of the organizing
committee. Finally, we would like to thank our sponsors, the Research Council
of Norway through the project SoS-Agile (NFR 247678).</p>
    </sec>
  </body>
  <back>
    <ref-list />
  </back>
</article>