Blog

Secure the Software Supply Chain: 5 Insights from the 2021 Anchore Software Supply Chain Security Report

The challenge of building and maintaining a secure software supply chain continues to vex enterprise IT leaders. We recently surveyed IT, security, and development leaders for the Anchore 2021 Software Supply Chain Security Report to get some insight into the challenges they and their teams face daily. Here’s a preview of our survey results: Highlights …

Gartner’s 12 Things to Get Right for Successful DevSecOps: A Study in DevSecOps Best Practices

By 2023, more than 70% of enterprise DevSecOps initiatives will have incorporated automated security vulnerability and configuration scanning for open-source components and commercial packages, which is a significant increase from fewer than 30% in 2019. Automated security vulnerability and configuration scanning are amongst the DevSecOps best practices that Gartner addresses in their 12 Things to …

3 Tips for Getting Stakeholder Buy-in for DevSecOps

Gaining stakeholder buy-in for DevSecOps comes with some upfront work. You don’t want to present to your department’s leadership, much less your C-Suite, to talk about DevSecOps unless you have an accurate picture of where your development teams are currently and where they need to go in the future. Here are three tips for preparing …

The Current State of the Container Registry

A container registry is becoming a necessity for organizations using containers in cloud-native development projects because it enables them to reuse software components that have already been through a vulnerability scan and other compliance checks. Here’s a look at the current state of container registries: What’s a Container Registry? A container registry, sometimes called a …

Cybersecurity Executive Order Brings FedRAMP Changes Aplenty

On May 12, 2021, President Biden’s Executive Order on Improving the Nation’s Cybersecurity finally hit the street. Amongst all its goodness about the software bill of materials (SBOM), software supply chain security, and cybersecurity, there’s some good news about FedRAMP, and these developments are going to be a major step forward for government cloud security, …

Latest Cybersecurity Executive Order Requires an SBOM

On Wednesday, May 12, 2021, President Biden’s new and much-expected Executive Order on Improving the Nation’s Cybersecurity was published. This new executive order (EO) includes a major element outlining new guidelines for how US federal government programs are to interact with industry software suppliers and partners moving forward. There are many notable improvements throughout the …

5 Reasons AI and ML are the Future of DevSecOps

As the tech industry continues to gather lessons learned from the SolarWinds and now Codecov breaches, it’s safe to say that artificial intelligence and machine learning are going to play a role in the future of DevSecOps. Enterprises are already experimenting with AI and ML with the hopes of reaping future security and developer productivity …

2 SBOM & Supply Chain Security News Items to Watch

We aren’t about to stop hearing about the need for a software bill of materials (SBOM) and software supply chain security anytime soon. You can expect more news about a presidential executive order on SBOMs and about a new software supply chain breach at Codecov that we’re all still learning more about. Impending Executive Order about …
