DevSecOps automation is one of the most significant benefits of shifting security left in your development process. The aftermath of the SolarWinds and Codecov breaches should be at the top of mind if your organization is contemplating a move to DevSecOps. In order to ensure process efficiencies, DevSecOps relies on automation, which enables developers, infrastructure, …
As we put away our beach chairs and pool toys, now that Labor Day is past us, it’s time to refresh your DevSecOps best practices if your organization is moving employees back to the office on a part-time basis. While your developers should capitalize on their remote work wins, hybrid work can require different approaches …
DevOps supply chain security is becoming another use case for DevSecOps as enterprises seek innovative solutions to secure this attack vector. 60% of the 2021 Anchore Software Supply Chain Report considers securing the software supply chain as a top or significant focus area. DevSecOps gives enterprises the foundational tools and processes to support this security …
DevOps Supply Chain Security: A Case for DevSecOps Read More »
Kubernetes security best practices are a necessity now as Kubernetes is becoming a defacto standard for container orchestration. Many of the best practices focus on securing Kubernetes workloads. Managers, developers, and sysadmins need to make it a habit to institute early in their move to Kubernetes orchestration. Earlier this year, respondents to the Anchore 2021 …
Software supply chain security risks continue to be a growing concern for commercial and public sector enterprises after the high-profile SolarWinds and Codecov attacks. The Gartner report, How Software Engineering Leaders Can Mitigate Software Supply Chain Security Risks, outlines how software engineering leaders can best guide their teams to protect the integrity of the software …
DevSecOps is playing a growing role in cloud migrations in the public sector. Even before the Executive Order on Improving the Nation’s Cybersecurity Executive Order, agencies had to face cloud migrations with an eye on security to ensure their cloud projects met FedRAMP compliance. Here are some ways that DevSecOps can help your agency meet …
5 Ways DevSecOps helps Counter Public Sector Cloud Migration Security Challenges Read More »
As the public sector and businesses face unprecedented security challenges in light of software supply chain breaches and the move to remote, and now hybrid work, means the time for policy-as-code is now. Here’s a look at the current and future states of policy-as-code and the potential it holds for security and compliance in the …
The Power of Policy-as-Code for the Public Sector Read More »
The broad impact of software supply chain attacks is clear in the findings of our recent 2021 Anchore Supply Chain Security Report. As malicious actors continue to advance the threat landscape in creative and alarming ways, Anchore commissioned a survey of 400+ enterprises with at least 1,000 employees to find out how real the impact …
The Broad Impact of Software Supply Chain Attacks Read More »
Strategic planning as a DevSecOps best practice is what Gartner addresses in their Integrating Security Into the DevSecOps Toolchain report. Such planning is crucial because it enables enterprises to face the key challenges that DevOps poses to their in-house development, operations, and security teams. Here are two illuminating stats from the report: By 2022, 90% …
The time is now to review your current DevOps methodology and look for areas of improvement. The fog is lifting off our pandemic-enforced lockdowns and your teams have most definitely learned a lot during the past year-plus of remote work. Most of all, your teams have had to stretch and pivot because your in-place development …
5 Tips for Improving your DevOps Methodology Post-COVID Read More »