After reading the book ‘Essentialism’ by Greg McKeown I took a look at the complexity of the massive DevSecOps Reference Architecture I created and wondered how I could dramatically simplify it. What I'm working on chops all the non-essential away to show where to start when looking at automating security controls.