Tag: shift left
Software Quality is the Heartbeat of the Best Organizations
JPMorgan recently announced it was hiring 2,000 engineers, despite the gloom in global economic markets. Is this not an odd risk for an organization to take, given the demand for (and cost ...
Adopting Shift Left Testing in Software QA
I am often asked to recommend best practices for building software testing programs. The problem is that it depends on your definition of “best.” What works for an innovative startup developing software ...
Where Does Your Data Go?
One of the most interesting developments in security and compliance in recent years is the ability to follow a piece of data through an application from input to consumption and see each ...
ShiftLeft Report Reveals State of Application Security
A report published today by automated application security testing platform ShiftLeft found only one in three applications has an attackable vulnerability. The report also found organizations that prioritized their remediation efforts based ...
At Some Point, We’ve Shifted Too Far Left
Those of us involved in DevOps have a tendency to see the world with blinders on. It is rather easy to fall into the “If all you have is a hammer, everything ...
Threat Modeling as a DevSecOps Practice
Software engineers are always under pressure to build more software, faster. At the same time, there is increasing regulatory and market pressure for secure software that meets users’ and regulators’ requirements for ...
Competing Priorities Prevent Devs From Creating Secure Code
The recently released Secure Code Warrior State of Developer-Driven Security Survey revealed that developers continue to wrestle with secure coding practices in a working environment that has long prioritized features and functionality ...
SRE Vs. DevOps: The Wrong Question?
The age-old question about the competition between DevOps and SRE sets up a false dichotomy. DevOps is a methodology while SRE is a team within operations. Although the two are often pitted ...
Shift Left is Only Part of Secure Software Delivery
We’re living in the age of accelerated consumption and delivery. You can get a seemingly infinite selection of products delivered to your door within two days, for free, from thousands of miles ...
Embedded Connectivity Solves the Right (and Left) Problem
In Steven Bellovin’s book, "Thinking Security: Stopping Next Year's Hackers," (2015) he wrote: "Companies are spending a great deal on security, but we read of massive computer-related attacks. Clearly, something is wrong ...
Improving Software Security in 2022
The recent Log4j vulnerability showed just how quickly a security bug could disrupt not just an industry, but the entire world. Organizations, especially federal agencies, will always find themselves at some level ...
2022 Will Be the Year of the Cyber ‘Shift Show’
As ransomware continues to plague organizations across industries, remote work continues and innovation brings with it new threat vectors for bad actors to exploit, 2022 is poised to be another messy year ...