Securing Software Supply Chains and Dependency Confusion – An Industry Perspective

Following a growing trend in software supply chain attacks which use “dependency or namespace confusion” techniques, I sat down for a discussion on software supply chain security with a few experts on the topic.

White House Releases Executive Order on America’s Software Supply Chains

Following the end of 2020 software supply chain attacks on SolarWinds that impacted multiple government agencies and private sector companies, President Biden issued a 2021 executive order asking for a comprehensive review of all government suppl…

The SolarWinds Software Supply Chain Attack: How Developers Can Protect Applications

If you didn’t know what a software supply chain was – let alone a software supply chain attack – you do now. As someone who’s been researching, studying and talking about this attack vector for the past seven years, the malicious attack on SolarWi…

Money Doesn’t Buy Happiness, But Happy Developers Protect Money

If money “makes the world ’go round” — then today, software developers are the ones pushing and spinning the globe. Every day developers ensure that digital money (and other financial products and services) is securely routed ar…

Happy Developers Produce More Secure Software, Better Business Outcomes

The results are in: happy developers working in teams with mature DevSecOps practices produce more secure software.
The post Happy Developers Produce More Secure Software, Better Business Outcomes appeared first on Security Boulevard.

Continuous Delivery For All

Jez Humble’s (@jezhumble) career has spanned roles through coding, infrastructure, and product development across three continents and organizations of varying sizes. To say he knows a lot about continuous delivery is a total understatement….

Sonatype Partners with All Day DevOps to Deliver the Largest DevOps Conference for 36,000

Four years ago, my colleague Mark Miller and I founded the All Day DevOps conference with seven friends from around the community. We planned the conference in 90 days and expected 1,000 folks to show up to listen to the 57 speakers we had v…

Make Sure to Cover Your Auth

Today dev, ops, and security — all three silos — are working in synergy in top-performing DevOps organizations – what we know as DevSecOps.
Aditya Balapure (@adityabalapure) is an infosec specialist at Haven. He was at GrubHub when he spoke at t…