Andrew Storms is a DevOps and Information Security professional. He has been leading IT, Security and Compliance teams for the past 2 decades with enterprise security companies. His multi-disciplinary background also includes product management, quality assurance and software engineering. Andrew is also a well known security advocate and has been featured on CNBC, Forbes, Business Week, the Christian Science Monitor as well as many other publications. He holds a CISSP and is a graduate of the FBI citizens academy. Andrew covers the operational and cultural nexus of DevOps and Security teams.
If companies are to reach their strategic goals—reducing time to market, boosting sales, improving product market fit and brand image, and cutting cybersecurity costs—then it's time for a new outlook on software ...
DevOps and security. Its a muddled mix of waters made even more confusing by the wet ink still on the concept of DevOps. There is no denying the popularity of DevOps and ...
I’ve often said that the driving factor for many companies in adopting a comprehensive information security program are the dreaded “F” and “A” words - FUD and Audit. Technically FUD is an ...
When organizations write user stories for development it should include the acceptance criteria. The acceptance criteria being a detailed description of the expected features and functionality the story should deliver. Far too ...
Moving security to the left has become a coined phrase meant to describe the process of getting the security team involved earlier in a process. Most typically, the phrase is used in ...
Those of us highly focused on the delivery pipeline of DevOps will wonder why we should include the security guy to the party. After all, aren’t they just going to slow down ...
Security Automation By Example The Firewall Change Just when you thought DevOps was the new black, along comes SecDevOps. Yes folks, like most things in life, the new cool is already here ...
Chef CEO Barry Crist stirs the pot to open ChefConf 2014 The theme from ChefConf 2014 is stirring delight and if you listened to Barry Crist during todays opening keynote, then you ...
Based on my unscientific poll of friends, one of the least used and most overlooked features of AWS is CloudWatch. Not only can CloudWatch be used to monitor the availability of your ...
Its always great when companies can invest in tools that serve multiple groups and purposes. Ensuring proper setup and use of logs is one toolset that can serve both DevOps and Security ...