This is a 10 minute overview of what I think DevSecOps is, has become, etc. It was originally for an IDC Nordic conference.
Tag Archives: DevSecOps
What is DevSecOps? Part Two: Automating Verification and Guardrails
https://www.youtube.com/watch?v=K9fVZU-e2Gk&list=PLAdzTan_eSPRNuA52_34wh5VTBC-0Rz7U&index=1 What is DevSecOps? Part 02: Automating Verification and Guardrails What is DevSecOps? Here’s part two of what I think it is, actual new tools you can use when it comes to verifying/trusting what’s in your apps and putting out guardrails for developers. Plus, some repaving for you 3 R’s OGs. Check out my write-up …
Continue reading “What is DevSecOps? Part Two: Automating Verification and Guardrails”
What is DevSecOps? Part One: A Secure Software Supply Chain
https://www.youtube.com/watch?v=0fRYNaeGW_k&list=PLAdzTan_eSPRNuA52_34wh5VTBC-0Rz7U&index=3 What is DevSecOps? Part One: A Secure Software Supply Chain I’ve been trying to figure out what exactly the Sec in DevSecOps is for a couple years or so, and I think I’ve got something. Three things in fact. Keep in mind that DevSecOps isn’t all of security, it’s just a small subset that …
Continue reading ” What is DevSecOps? Part One: A Secure Software Supply Chain”
May 31st, 2022: DevSecOps talk at IDC DevOps conference
Next week, May 31st 2022, I’m giving a short talk on DevSecOps at an IDC conference. It’s based on my recent blog post. I think it’s a free event, and all online. Register and check it out – lots of other interesting talks too.
What is DevSecOps?
In this longer blog post, I go over how I’ve finally come to think about what DevSecOps is.A summary of what the post covers:1. A secure software supply chain – This is a fancy way of saying “we know all the components that went into building and deploying this software and trust those components.” It also includes …