Mark Miller

Mark Miller serves as the Senior Storyteller and DevOps Advocate at Sonatype. He speaks and writes extensively on DevSecOps and Security, hosting panel discussions, podcasts, and webinars on tools and processes within the Software Supply Chain.

Sladjana Jovanovic and Bill McArthur Move Silos to Communities [VIDEO]

By Mark Miller on March 19, 2020 AppSec

2 minute read time

When we break down the barriers to communication and collaboration, we thrive as humans and as organizations. Sladjana Jovanovic shares her experiences.
Read More...

Kill the Restructure, Says Dr. Cherry Vu and Rob England [VIDEO]

By Mark Miller on March 05, 2020 featured

3 minute read time

Culture is an emergent property of the complex work system. It is an output not an input. Change the attitudes and behaviors, then that becomes culture.
Read More...

Eliza May Austin Asks Us to Question Everything [VIDEO]

By Mark Miller on February 27, 2020 AppSec

1 minute read time

Are silos good or bad? Is burnout real or imagined? Should people be jealous of pen testers? Questioning assumptions is key to discovery and well-being.
Read More...

Larry Maccherone Says Pixie Dust Security is an Epic Failure [VIDEO]

By Mark Miller on February 18, 2020 AppSec

1 minute read time

A fundamental DevSecOps failure, according to Comcast's Larry Maccherone, is believing that a sprinkle of pixie dust makes a completed application secure.
Read More...

Tara Hernandez Talks Code Rush, Google, DevOps

By Mark Miller on October 29, 2019 DevOps in the Cloud

2 minute read time

Tara Hernandez reflects on her time at Netscape in 1998, how that experience informs her present work, and what DevOps trends continue to evolve.
Read More...

How The Unicorn Project Aligns with The Phoenix Project

By Mark Miller on October 18, 2019 books

2 minute read time

In this podcast Gene Kim, author of The Phoenix Project, discusses his new book, The Unicorn Project. Gene talks about the overlap in storylines and why he chose to speak for software developers.
Read More...

Salesforce and Nexus: The Real Results of Automation [Video]

By Mark Miller on November 14, 2018 Nexus Firewall

1 minute read time

Mary Lee from Salesforce explains how automating the open source component approval process for 800 jar files went from 25 days of manual evaluation down to 5 minutes of automation with the Nexus
Read More...

Steps to Responsible Disclosure with Bas van Schaik, Man Yue Mo and Brian Fox

By Mark Miller on March 20, 2018 Open Source

2 minute read time

In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.
Read More...

DevSecOps Day at RSAC 2018 - Who Will be There

By Mark Miller on March 19, 2018 RSA Conference

3 minute read time

The DevSecOps Tribe continues to thrive as we plunge into 2018. At RSA Conference 2018, we'll all get together to hear the latest from practitioners who have succeeded, failed and everything else
Read More...