While offering a service or solution that still operates on-premise, on bare metal may seem as archaic and old-school as inserting a CD into a stereo to listen to music, it’s still quite common. Especially in the public sector, where…
PODCAST: AST, DevSecOps and Developer Training – Three Essential AppSec Tools
Massive cyberattacks and breaches that originated in applications, including the recent SolarWinds breach that impacted as many as ten government agencies, and the more recent Kaseya breach which may have impacted hundreds of companies, have rightfully raised questions about application…
Five Key Concepts Enabling DevSecOps
In my last article on the GovDevSecOpsHub, I shared with you how cultural change is necessary to make DevSecOps possible within government agencies. However, cultural change isn’t all that’s opening the door to embracing DevSecOps. There are also five essential…
Why Culture is Everything in DevSecOps
In recent articles on the GovDevSecOpsHub, my associate, Rick Stewart, defined DevSecOps, and the need for a collaborative approach that includes all aspects of the development lifecycle, including security. DevSecOps is the result of several paradigm shifts from waterfall methodologies,…
Digital Transformation, Modernization, and…Your Health?
The recent passing of my mother and a health scare with my mother-in-law caused me to reflect upon my current health. I realized that the habits formed when my body was younger had caught up to my older self, and…
It’s Time to Evolve from DevOps to DevSecOps
As I discussed in my last piece on the GovDevSecOpsHub, the DevOps approach to software production helps to foster faster creation of applications with a higher degree of availability and reliability. By encouraging collaboration between development and operations teams and…
