We all know what the different parts of DevSecOps stand for and why there has been a movement to make each of these disparate elements work in tandem to accelerate and improve the application development process. By having the “Sec”…
Can Software Save Lives? Kessel Run Shows That It’s Possible!
In late July and early August of this year, America anxiously watched as – halfway across the globe – our country’s Department of Defense (DoD) worked tirelessly to evacuate more than 100,000 people from Afghanistan. This mission was a high-wire…
Colleges and Universities – the Next Big Target for Ransomware Attacks
The past few months have been witness to two massive ransomware attacks that have impacted organizations that are part of our country’s critical infrastructure – the attacks against the Colonial Pipeline Company and JBS, one of the country’s largest meat…
DevSecOps and Security Automation – Making Application Security a Part of Development
In my previous article on the GovDevSecOpsHub, I examined the need for identifying and eliminating application-level cybersecurity vulnerabilities – such as those found in IaC and APIs – and explained why application security is becoming such a difficult challenge for…
Three steps for expediting software delivery
In application development, and especially in DevSecOps environments, there is increased pressure for development teams to deliver applications more quickly. However, meeting the challenge of increasing productivity and accelerating development often comes at the cost of security. To ensure that…
Securing containers across the SDLC reduces opportunity for threat actors
Containers – or packages of bundled applications and all of the necessary dependencies, libraries and configuration files needed to run them – have seen rapid adoption in the application development world because of their ability to overcome the problem of…