451 Research Report Highlights Value of DevSecOps for the CI/CD Pipeline

April 27, 2018 by Tony Bradley 0 Comments

One of the compelling benefits of DevOps for many organizations is speed. Between breaking down silos, streamlining processes and automating routine tasks, the process of developing and deploying software can be significantly faster. A new report from 451 Research and Synopsys, however, points out the value of incorporating DevSecOps in the equation, especially with continuous […]

Simplify DevSecOps with a Zero Trust Approach

April 19, 2018 by Tony Bradley 0 Comments

There are major cyberattacks and data breaches weekly, if not daily. Each incident is unique in some way, but one element common to almost all successful attacks is trust. Whether it’s a disgruntled employee conducting an insider attack, an attacker infiltrating the network using stolen credentials or an exploit that leverages a third-party vendor or […]

You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps

February 16, 2018 by Deborah Schalm 0 Comments

It’s 30 times cheaper to fix a security defect in Development vs. Production, yet Security is often treated as an afterthought and a bottleneck. It doesn’t have to be that way. DevSecOps practices build security and quality into the software delivery process by making EVERYONE responsible for security at every stage. Join John Willis, Electric […]

HashiCorp Extends Secrets Management Reach

April 11, 2018 by Mike Vizard 0 Comments

Secrets management is core to DevSecOps—how credentials are managed can make all the difference in preventing an application from being compromised in the first place. The challenge is making it as simple as possible for developers to access where most of those credentials are stored in the enterprise. HashiCorp this week released an update to […]

Early Automation: A Key Requirement for DevSecOps Success

April 10, 2018 by Veritis 2 Comments

According to the “2017 DevSecOps Community Survey,” by Sonatype, almost 60 percent of the respondents consider security to be an inhibitor to DevOps agility, while more than 50 percent of developers say they do not have sufficient time to allocate to security. Hence arises the need for enhanced security automation in DevOps. Security automation helps […]

DevSecOps: Don’t Invest In Hope

March 23, 2018 by Derek E. Weeks 0 Comments

A successful DevSecOps approach is rooted in action, not hope. There is a lot of investment in hope. I hope we won’t get breached. I hope our DevOps teams aren’t deploying thousands of vulnerable containers. I hope our developers aren’t downloading millions of vulnerable open source components. I hope our developers and security teams will […]

DevSecOps: Digging into Root Cause Analysis

March 16, 2018 by Derek E. Weeks 0 Comments

We have all been there in a postmortem when someone says, “Let’s get to the root of the problem.” And, we all know what that means: Who or what is to blame? We also all know that no one wants to play the blame game, yet we all do. But it isn’t our fault (no […]

DevOps Isn’t Getting Cloud Security Right (and What Can Done About It)

March 15, 2018 by B. Cameron Gain 0 Comments

The song title of Billy Joel’s 1977 hit, “Get it Right the First Time” aptly describes what DevOps teams need to take to heart when making the jump to the public cloud. But in most cases, security is lacking in the pipeline when making the shift—and a change in DevOps culture and mindset is necessary […]

Recent Articles

200 Billion Downloads Can’t Be Wro…

Bridge the DevSecOps Experience Divide w…