DevSecOps journey
Getting started with the Secure Software Development Framework (SSDF)
In today’s software-driven world, it’s crucial to ensure the security of software during development. Yet many software development life cycle (SDLC) models lack specific emphasis on software security, requiring the addition of ...
Did You Try Turning It Off and On?
The chapter, "Did You Try Turning It Off and On?" is included in Epic Failures in DevSecOps, Volume 2, which is available for free download ...
Six Memorable Sessions with Government DevSecOp Leaders: What We Learned
The afternoon of May 6th made clear that the time for DevSecOps is now across the federal government. An audience of over 500 attendees across the public sector joined together online to ...
Myth Busting in DevSecOps
Larry Maccherone leads the DevSecOps efforts at Comcast. In this episode of DevSecOps: The Good, The Bad, and The Ugly, he busts some common DevSecOps myths and shares more about his DevSecOps ...
The World Bank Group’s Cloud Journey With DevSecOps
Editor's Note: We are hosting DevSecOps Leadership Forum virtual events. Register to hear directly from leaders in London and North America. In this post, we cover what William Zhang, Andy Gao, and ...
DevSecOps Elite and Their Reference Architecture
Who are members of the DevSecOps elite, and what tools do they use? And, why should you care? The Sonatype community has a few insights. Two Sonatypers shared insights at DevOps World ...
Take This Interactive DevSecOps Reference Architecture For a Test Drive
How do you get started with DevSecOps? There is so much to consider -- people, processes, tools, and measurement. To help plan and build a DevSecOps practice we’ve offered 40 reference architecture ...
