Posts Tagged ‘devsecops’

A Look at DevOps in 2020: Sonatype’s Community Survey

DevOps teams routinely deal with the most sensitive needs of an organization: security, governance, and compliance. However, not every organization is on the same page when it comes to DevOps, which can leave developers feeling overwhelmed and overworked. Sonatype recently released findings from its seventh annual DevOps Community Survey that examines the differences between mature […]

DevSecOps and Release – Security Architect

In my previous post, DevSecOps and Release Coordination, I introduced the idea of four key players in the DevSecOps mediated release management process. The idea is to consolidate the validation and approval steps from a “gated” process, and shift the actual work of validation earlier in development. In this post, we will explore the role […]

Secure Software Release Coordination

The ultimate goal of all software development is the secure software release of the system to a user-accessible production environment. However, the road from code to production is often a long and perilous one. To reduce the apparent risk associated with a production release, many organizations place “gates” at various points along the release path. […]

Application security assessment

The Importance of Threat Modeling

In the video linked below, I am joined by two cybersecurity experts from Ford Motor Company.  We discuss the value that threat modeling can bring to DevSecOps by moving things left (forward/sooner).  During the discussion, I mention drawing a picture of the process under review; this is explained in more detail in my post about […]

DevOps: Terms to Know

If you’re not a developer or IT specialist, technical lingo can be very confusing. Business decision-makers know the outcomes the technology can provide, but they don’t always know what DevOps means, or why CI/CD is important. Here’s a list of key DevOps terms that you can refer back to during your enterprise’s digital transformation.  Containers: […]

agile backlog groom

DevSecOps and Release Coordination

The Release Coordination Challenge Release Day.  There are few more terrifying words in the development team lexicon.  This is the moment of truth; will our efforts be for nothing or will we out eke out another production release?  And so many things can go wrong; have we missed critical requirements, did we failed to test […]

ChefConf 2019 – Are you ready for it?

ChefConf 2019 kicks off in Chef’s (and my) hometown of Seattle in less than two weeks on May 20th.  If you’re interested in going and haven’t already registered, check out more information here and use code Hugs4Chef19 for 10% off your registration. Things I hope to hear at ChefConf This year promises to be a […]

Cloud Trends in 2019: Responding to Greater Disruption

The following blog comes from an interview with Perficient’s Strategic Advisors Consulting Director, Victor Wolters, and is part of a series on cloud trends with experts from within Perficient. Undergoing a digital transformation is going to drastically change the technology that businesses utilize. That’s not a secret to businesses. Some don’t realize that this transformation […]

Leverage Containers for Digital Transformation

Software containers are taking over. Is your organization ready for the transformation? Organizations are gravitating towards software containers as a way to package, distribute, and run their applications. The benefits of container technology such as Docker and Kubernetes include: SPEED – Containers are lightweight relative to virtual machines. New application instances can be launched more […]