Holding the industry accountable
4 minute read time
Humans often need to experience something before we change. As DevSecOps practitioners and leaders we should always be asking what needs changing and why.
Read More...
ZeroTrustOps: Securing at scale
5 minute read time
With zero trust, you assume everything on the network is unsafe. You have to check trust explicitly. This stance improves security throughout the SDLC.
Read More...
The World Bank Group's Cloud Journey With DevSecOps
5 minute read time
The World Bank Group works to end extreme poverty and boost shared prosperity. They work on many fronts handling sensitive data, a place for DevSecOps.
Read More...
Breaking Bad: DevOpsSec to DevSecOps
5 minute read time
Sean Davis (@seanasaservice) guides us through DevSecOps from a holistic view, using the television show Breaking Bad as the basis for our exploration.
Read More...
Department of Defense DevSecOps Journey
3 minute read time
The DevSecOps stack is open source and open to the public. Everything is infrastructure as code and can run on any environment, leveraging Kubernetes.
Read More...
Shifting Security Left: The Innovation of DevSecOps
3 minute read time
DevSecOps is a cultural shift that reinforces the mindset that everyone is responsible for security. Here's why this idea is so innovative and productive.
Read More...
Top 5 Tomcat Vulnerabilities
3 minute read time
If you spend time monitoring and patching OSS projects, you know Tomcat has some vulnerabilities. Today, Tomitribe walked us through 5 of those vulnerabilities.
Read More...
Build Better Component Practices: Crawl. Walk. Run.
4 minute read time
Whether you're just getting started or attempting to take the next step in improving your organization's open source processes, there are lessons you can.
Read More...
Dirty Rivers Flow Downstream, Leading to Dirty Reservoirs
6 minute read time
A reservoir is created by rivers and streams that flow into it. What if one of those rivers is polluted? It pollutes the whole thing.
Read More...