Announcing DevOps Connect: DevSecOps Days Virtual Summit

March 12, 2019 by saleem 0 Comments

We just wrapped up our fifth annual DevSecOps Days @ RSA Conference 2019, featuring an exceptional lineup of speakers and a variety of informative sessions, providing an unparalleled experience for all. If you couldn’t make it to San Francisco for RSAC or missed any sessions, we’ll be hosting a virtual version of DevSecOps Days @ […]

DevSecOps: Fortanix Adds Open Source Rust SDK to Build Encrypted Apps

March 6, 2019 by Mike Vizard 1 Comments

There’s a lot of focus these days on DevSecOps as part of an effort to fix what’s generally acknowledged as a broken cybersecurity paradigm. But instead of trying to ensure every potential vulnerability is addressed before an application is deployed, another idea is gaining momentum among the DevOps community: Build applications that are secure in […]

Survey Finds Mixed Progress on DevSecOps

March 4, 2019 by Mike Vizard 0 Comments

A survey of 5,558 IT professionals published today by Sonatype in collaboration with CloudBees, Carnegie Mellon’s Software Engineering Institute, Signal Sciences, 9th Bit and Twistlock finds 27 percent of organizations have mature DevOps practices in place, while another 48 percent are still working on improving them. Despite the DevOps works that remains to be accomplished, […]

DevOps Chat: AppSec and DevSecOps with Contrast Security’s Jeff Williams

March 4, 2019 by Alan Shimel 0 Comments

I have known of Jeff Williams in the security industry for more than several years. He is a well-respected thought leader in AppSec and OWASP. I finally got a chance to catch up with Jeff and talk with him about Contrast Security, the company he co-founded and how it is helping. In this DevOps Chat, […]

DevOps and Security: The Path to DevSecOps

March 4, 2019 by Subramonian Krishna Sarma (Subbu) 0 Comments

A secure DevOps is highly beneficial for organizations. However, a secure DevOps environment shouldn’t be the end goal. When it comes to DevOps security, it’s important to integrate security right from scratch, secure the entire architecture, automate the security and use this technology to test the environment and the codes and respond to concerns immediately. […]

DevOps Chat: Repos and Nexus Firewall Access, with Sonatype

February 28, 2019 by Alan Shimel 0 Comments

There are really only two repositories of any scale for software components today: the Nexus repo managed by Sonatype and the Artifactory artifact repo managed by JFrog. Up until now they were separate and apart, and working with one was independent of another. In a big move toward keeping DevOps open and secure, the Sonatype […]

Can DevSecOps Prevent a Zombie Apocalypse?

February 25, 2019 by Ran Ilany 3 Comments

Making consistent progress within any DevSecOps initiative often can be an overwhelming undertaking. Developers tend to outnumber operations dramatically, with little to no security accountability. This leaves DevSecOps doomed to work with the same network security stack that was originally designed decades ago for on-premises environments. Still, the expectation is to support shrinking deployment cycles […]

Security Testing: Reducing Resistance to Change in an Agile and DevOps World

February 20, 2019 by Andrew van der Stock 1 Comments

Security Testing Reducing Resistance Agile DevOps

Software development has evolved, but security testing has not. That has to change In the bad, old days—which, sadly, many are still living in—security testing was tacked onto the end of the development process. Security testing hasn’t been a feature of software engineering for around 15 years now, since agile supplanted waterfall as the primary […]