Security Should Stop Being a Drag

About a year ago during my talk at the Nexus User Conference, and during a virtual session for RSA Conference APJ, I mentioned that a pipeline shouldn’t fail just because a security vulnerability was detected by scanning tools. That statemen…

NIST Proposes Standards to Secure Government SDLC

Earlier this summer, the National Institute of Standards and Technology (NIST), a part of the U.S. Chamber of Commerce, proposed a set of standards to address software supply chain attacks and the growing need for better software security.
The p…

Why Software Composition Analysis (SCA) Demands Precision

As leaders in software composition analysis (SCA), we know its role throughout today’s software supply chain.
SCA was born out of necessity. How else could innovators discover, identify, and track open source software (OSS) components within…

Using Process Oriented Design (POD) to Increase the Dependability of DevOps Processes

For many users, software often isn’t really appreciated until something breaks. Constant availability is an expectation, but, of course, 100% availability isn’t really a reality. When high-profile systems, like Netflix or AWS, have outa…

GDPR Gets Teeth: British Airways and Marriott Fined

Yesterday the UK’s Information Commissioner’s Office proposed a record-setting fine under GDPR of £183 million for British Airways, followed by today’s announcement of a proposed £99 million fine for Marriott International follow…