Shifting Security Left: The Innovation of DevSecOps
Rethinking Your Measurement and Metrics for Agile and DevOps
Application security, or AppSec, is hard. For development teams, it often comes into development late in a release cycle and demands changes to the software that seem unreasonable. For the AppSec team, being introduced to a project after the application has been designed and much of the code has been written means there will be […]
Agile Tips to Make the Most of Conferences
One of the key conversations organizations and teams forget about in their transition to agile and DevOps is updating their measurement and metrics plan. Many companies are still using measurements and metrics from the traditional waterfall software development lifecycle. While some of these remain useful, many may not provide value to the team or organization—and […]
Career Options for Testers in the Age of Agile and DevOps
Time spent at a conference is precious, so you should make sure there is a return on that investment. What better way to do so than to leverage agile ideas? Here are a few tips based on the principles behind the Agile Manifesto for getting the most out of attending a conference. Embrace change Like […]
The Metrics behind High-Performing DevOps Organizations
I’m often asked about the future of the testing role. Should I change my career direction? What’s in store for testing roles? Will there be a need for quality and testing expertise in the future? As a quality engineer, or tester, or testing leader, where do I go from here? No one has a crystal […]
Top 10 Coveros Blogs of 2019
The 2019 Accelerate State of DevOps report was recently released. This annual research compilation is a great resource to see what’s going on in the world of agile and DevOps. The report evaluates organizations against five key metrics, collectively called software delivery and operational performance metrics: Lead time for changes: How long does it take for a […]
Red Tape and Federated Users
We like to take a look at our top blogs each year and see what everyone is interested in so we can create interesting content for the new year.
Understanding the Role of QA in DevOps: An Interview with Gene Gotimer
Background A client recently wanted to move several DevOps and scanning tools into the cloud, to which they were in the process of proving out and transitioning. We had a number of security scanning and static analysis tools, along with corresponding dashboards and a continuous integration server to orchestrate them. All of these tools were […]
Debunking 4 Myths of DevSecOps Adoption
Gene Gotimer, senior architect at Coveros Inc., discusses understanding the role of QA in DevOps, DevOps educational tools, trusting your team, and paid and open source security tools.
How to Get Security Groups to Join Your DevSecOps Journey
Every day organizations incorporate DevSecOps into their software development, security, and operations practices to ensure they can build critical security controls into their agile software delivery. According to one survey, 84 percent of respondents said it’s difficult to reduce risk to their applications because they’re not able to monitor, detect, and prevent attacks at the application level. […]
DevSecOps shifts security practices left and assures earlier that your application isn’t vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.