The Security Ledger

OCTOBER 4, 2023

Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development’s “tragedy of the commons,” as more and more development teams lean on open source code. The post Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack.

Education 97

Education IoT Security IT 97

Data Breach Today

OCTOBER 8, 2019

Johnathan Nicholson, Former Interac CISO, on How to Change the Culture How can organizations overcome resistance to implementing DevSecOps? Johnathan Nicholson, former CISO at Interac, the Canadian interbank network, provides insights.

140

140

The Last Watchdog

APRIL 5, 2021

The awareness that the typical approach to DevOps was downplaying the role of security led to an evolution of this workflow, which today has come to be known as DevSecOps. Technicalities aside, this partnership also represents a significant step forward in DevSecOps and in the perception of source code protection as a valuable security layer.

Marketing 164

Marketing Security IT 164

IBM Big Data Hub

OCTOBER 10, 2023

IBM Cloud for Financial Services helps clients create secure and compliant hybrid cloud solutions with a focus on the complete software lifecycle (including continuous integration (CI) , continuous delivery , continuous deployment and continuous compliance) by using IBM Cloud DevSecOps (also known as One Pipeline).

Cloud 82

Cloud Financial Services Compliance Risk 82

Dark Reading

JANUARY 30, 2023

Solutions that provide more actionable results — remediation that frees up engineers, processes which integrate security into software development from its design, along with automation, IAC, and tool consolidation — are among the DevSecOps strategies that will prevail this year.

Security 77

Security IT 77

Data Breach Today

JUNE 28, 2019

Since Sentara Healthcare adopted a DevSecOps approach, CISO Daniel Bowden says, his security team has gained improved visibility into the entire application development process.

Security 134

Security 134

Dark Reading

AUGUST 26, 2022

DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments.

98

98

Data Breach Today

OCTOBER 18, 2023

Pyongyang Hackers Exploiting Critical TeamCity Server Bug North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.

Risk 315

Risk 315

Dark Reading

APRIL 25, 2022

The DevSecOps journey is well worth undertaking because it can improve communication, speed up development, and ensure quality products.

Communications 91

Communications Security IT 91

Thales Cloud Protection & Licensing

OCTOBER 17, 2023

Three Easy Ways to Improve DevSecOps with Thales and Red Hat divya Tue, 10/17/2023 - 14:47 For many DevOps enthusiasts, the need to insert security considerations directly into the development cycle was often overlooked. There is an increasing number of solutions and tools to help DevOps and IT Teams embrace DevSecOps.

Encryption 71

Encryption Cloud Communications Analytics 71

ForAllSecure

MAY 2, 2023

To mitigate these risks, organizations are increasingly turning to DevSecOps, a methodology that integrates security into the software development process from the very beginning, with the goal of delivering safer applications, faster. This is where the continuous integration part of the CI/CD process comes in.

Security 52

Security Risk Data breaches Compliance 52

The Last Watchdog

APRIL 30, 2020

Some credit for that decline surely goes to the DevSecOps movement that has come into its own in the past two to three years. DevSecOps proponents are pushing for security-by-design practices to get woven into the highly agile DevOps engineering culture. Fail fast’ by design Back to DevSecOps.

Financial Services 133

Financial Services Security Marketing IT 133

Dark Reading

AUGUST 23, 2022

Almost half of teams develop and deploy software using a DevSecOps approach, but security remains the top area of investment, a survey finds.

Security 99

Security 99

Data Breach Today

AUGUST 9, 2018

Experts Offer Insights on Addressing the Challenges Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.

Security 100

Security 100

ForAllSecure

APRIL 27, 2023

It wasn’t long before security followed, with DevSecOps now shorthand for modern application security—and everything from SAST, DAST and SCA shoehorned into developers’ toolchains and workflows. Instead of treating security as an afterthought, the DevSecOps process makes it a priority from the very beginning.

Security 52

Security Risk Education IT 52

ForAllSecure

MAY 19, 2023

DevSecOps is a practice that integrates security into the DevOps workflow. This blog post explores the DevSecOps best practices that development teams can use to ensure that security is ingrained in the development process, leading to better products with reduced security risks and faster time-to-market.

Compliance 52

Compliance Libraries Risk Security 52

ForAllSecure

AUGUST 11, 2020

In a TechRepublic whiteboard video, host Bill Detwiler speaks to Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, about the ways organizations can benefit by using DevSecOps.

52

52

ForAllSecure

MAY 9, 2023

DevSecOps has transformed the software development landscape, embedding security practices at each stage of the development and delivery pipeline. While the DevSecOps approach has (rightfully) been lauded for helping teams produce safer software, it has come with its own set of problems. Get Mayhem Free Request A Demo 3.

Risk 52

Risk Security IT Communications 52

ForAllSecure

AUGUST 11, 2020

In a TechRepublic whiteboard video, host Bill Detwiler speaks to Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, about the ways organizations can benefit by using DevSecOps. What is DevSecOps? Simply put, DevSecOps is a method for folding security in throughout the software development lifecycle.

Paper 52

Paper Security IT 52

ForAllSecure

AUGUST 11, 2020

In a TechRepublic whiteboard video, host Bill Detwiler speaks to Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, about the ways organizations can benefit by using DevSecOps. What is DevSecOps? Simply put, DevSecOps is a method for folding security in throughout the software development lifecycle.

Paper 52

Paper Security IT 52

ForAllSecure

AUGUST 11, 2020

In a TechRepublic whiteboard video, host Bill Detwiler speaks to Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, about the ways organizations can benefit by using DevSecOps. What is DevSecOps? Simply put, DevSecOps is a method for folding security in throughout the software development lifecycle.

Paper 52

Paper Security IT 52

ForAllSecure

JUNE 22, 2021

First and foremost, if you’re implementing DevSecOps in the DoD, kudos to you for taking initiative. DevSecOps is enabling the Department to develop quickly and securely, so organizations can continuously meet critical and urgent needs of the warfighter. Putting the “Sec” in DevSecOps.

Security 52

Security Compliance IT 52

Dark Reading

FEBRUARY 10, 2022

Program enables alliance and solution partners to extend the capabilities of their DevSecOps offerings through seamless integrations with the Dynatrace platform.

53

53

Adam Shostack

FEBRUARY 13, 2019

I did a podcast with Mark Miller over at DevSecOps days. It was a fun conversation, and you can have a listen at “ Anticipating Failure through Threat Modeling w/ Adam Shostack.”

IT 58

IT 58

Adam Shostack

JUNE 12, 2020

The Sonatype 2020 DevSecOps Community Survey is a really interesting report. Most interesting to me is the importance of effective communication, with both tools and human communication in developer happiness. But even more important is my belief that to reach developers Star Wars is better than Star Trek is confirmed. No bias there.

Communications 52

Communications Security 52

ForAllSecure

MAY 30, 2023

DevSecOps is more than just a buzzword—it's a game-changing approach for modern software development teams. So what DevSecOps tools do you need? In this blog post, we'll delve into the five essential boxes that your DevSecOps tools need to check. Gone are the days of slapping security on as an afterthought.

Security 40

Security Compliance Analytics Marketing 40

Data Breach Today

SEPTEMBER 13, 2022

Chaillan, a former DHS and DOD adviser, shares his opinions about the government's handling of DevSecOps and cybersecurity, where progress is being made and where more work needs to be done. In this episode of "Cybersecurity Unplugged," U.S. Air Force Chief Software Officer Nicolas M.

Cybersecurity 216

Cybersecurity Security Government 216

Dark Reading

MAY 8, 2020

DevSecOps is a big and sometimes difficult shift for organizations. The key to success? Take small steps.

103

103

Data Breach Today

SEPTEMBER 14, 2021

Risk Assessment, Improving DevSecOps, Cryptocurrency Risk Research Drive Deals Merger and acquisition activity picked up in September with BitSight, Tenable and Mastercard, all making deals. Moody's became BitSight's largest shareholder after making a $250 million investment in the company.

Risk 264

Risk 264

eSecurity Planet

MARCH 13, 2019

We define DevSecOps, how it relates to DevOps, and how security can be built into the application development process with minimal disruption.

Security 76

Security IT 76

Dark Reading

NOVEMBER 15, 2019

There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.

Cloud 75

Cloud Security 75

The Last Watchdog

MAY 3, 2024

TC’s legacy An argument certainly can be made that TC foreshadowed “shift left” software security development practices and, ultimately, DevSecOps. Nadella I’d argue that TC laid the groundwork for continuous security integration, a core component of DevSecOps.

Security 100

Security Cloud Privacy Information Security 100

Dark Reading

AUGUST 5, 2020

But as DevSecOps continues to gain momentum over application security, organizations realize that adopting security in software development needn't be a drag on productivity, says Tim Mackey from the Synopsys Cybersecurity Research Center.

Security 46

Security Cybersecurity 46

Threatpost

JUNE 23, 2020

A recent DivvyCloud survey found that in 2019, a majority of respondents reported being in the final optimization stages of their cloud journey, with 59% indicating they are in the DevOps Optimization stage (an 11% increase from 2018).

Cloud 88

Cloud Security 88

Dark Reading

JUNE 7, 2018

Enterprise adoption of DevSecOps has surged in the past year, according to a study conducted at this year's RSA Conference.

47

47