The adoption of DevSecOps touches more than just your technology and security stakeholders within your organization. There’s a full spectrum of DevSecOps stakeholders spanning technology, security, and even your business units. The full DevSecOps Stakeholder spectrum includes: Technology Stakeholders The obvious stakeholders to feel some positive effects and challenges of moving to DevSecOps are your …
A DevOps to DevSecOps transformation works best with a structured framework acting as governance. When you approach such a transformation, putting structure around it allows you and your teams to stop, ask questions, and iterate on potential changes to your existing DevOps processes. Here’s a simple framework to help ensure an orderly DevOps to DevSecOps …
Creating a DevOps to DevSecOps Framework for your Organization Read More »
Whether your organization is moving from DevOps to DevSecOps or making the initial step from a traditional waterfall software development life cycle (SDLC) to DevSecOps, you need to account for how DevSecOps is going to change your teams. Here are five changes your teams can expect when your organization moves to DevSecOps: 1. Security becomes …
5 Ways a DevOps to DevSecOps Transformation Changes Teams for the Better Read More »
Hopefully, heralding the start of what is a happier new year for everyone, today we are pleased to announce the availability of Anchore Enterprise 3.0. Over the past 18 months since our last major release, much has happened in the world of software security (and beyond!). From the software supply chain becoming a national security …
Anchore Enterprise 3.0 introduces New Features to Secure the Software Supply Chain Read More »
One challenge that needs addressing in the software supply chain security fight is the balance between agility and redundancy in enterprise security strategies. There’s no better example of that than the recommendations about moving to DevSecOps and implementing Defense in Depth to improve your software supply chain security. DevSecOps and Software Supply Chain Security The …
DevSecOps and Defense in Depth for Software Supply Chain Security Read More »
When auditing your software supply chain security, it’s important not to forget building and maintaining the job skills of your software supply chain security team. Building skills amongst your software supply chain security team and setting expectations for skills and experience amongst your supply chain vendors is a prudent investment as you prepare for a …
5 Critical Job Skills for Software Supply Chain Security Professionals Read More »
Software supply chain attacks are going to be forever on the minds of CISOs and DevSecOps teams as commercial and public sector enterprises look for ways to avoid the headlines as the next SolarWinds. Now’s the time for technology, collaboration, and compliance processes to come together to help protect software supply chains. Here are seven …
7 Trends Lining Up to Fight Software Supply Chain Attacks Read More »
Questions around software supply chain attacks aren’t leaving the industry conversation anytime because of the SolarWinds attack. It’s time to review your software supply chain security fundamentals. Now that we’re in 2021, we can all expect newfound attention on securing the supply chain inside business and government. Let’s first define the role of the software …
Preparing for Future Software Supply Chain Attacks Read More »
DevSecOps seems to attract its share of myths. As we go into 2021, it’s time that we as an industry work to dispel those myths for our prospective customers, customers, and internal stakeholders across our organizations. Here are some common DevSecOps myths we can all work on dispelling in 2021: 1. Organizations lose control when …
As a company, Anchore has been tracking the growth of DevSecOps we’re seeing in the market and with our commercial and public sector customers during the past year. DevSecOps keep progressing despite everything that was going on with the pandemic. Our team recently got together and made some predictions about how DevSecOps will fare in …
2021 DevSecOps Predictions: A Year of Growth and “Shift-Left” Read More »