The Security Bottleneck

Read more in my free book. Transcript 02 – Security 14 reasons digital ,transformation fails in large organizations: number two security. There’s many things your security staff is gonna wanna do when it comes to making sure the software you build and run is secure. One, they’re gonna need to build up a risk profile …

What is DevSecOps? Part Two: Automating Verification and Guardrails

What is DevSecOps? Here’s part two of what I think it is, actual new tools you can use when it comes to verifying/trusting what’s in your apps and putting out guardrails for developers. Plus, some repaving for you 3 R’s OGs. Check out my write-up for what the other two are, and more details. Also, …

 What is DevSecOps? Part One: A Secure Software Supply Chain

I’ve been trying to figure out what exactly the Sec in DevSecOps is for a couple years or so, and I think I’ve got something. Three things in fact. Keep in mind that DevSecOps isn’t all of security, it’s just a small subset that focuses on the software you write and run. Anyhow, here’s the …