DevSecOps: Incorporate Security into DevOps to Reduce Software Risk

By now, most organizations have heard of DevOps, and many have begun to adopt DevOps practices as a key enabler of software delivery. Organizations that employ an agile approach find DevOps practices a natural extension, and DevOps truly enables agile practices to flourish. Organizations typically start with implementing continuous integration, test-driven development, and test automation […]

Implementing the DevSecOps Process
Security

The primary goal of DevSecOps is to ensure Security and Operations team members are engaged and collaborating with Development and Test from the very beginning of a project/product development. In addition to cultural shifts, it demands a linked toolchain of technologies to facilitate collaborative change. It requires pushing past departmental lines for more effective planning, […]

Getting Up and Running with Sonatype Lifecycle

It has become standard practice for modern software development organizations to integrate open source components into their products, as it enables them to leverage existing solutions and technologies, thereby avoiding the need to reinvent the wheel. In fact, open source repositories like Maven Central are reporting record increases in downloads annually (30 Billion in 2015, […]

Running Selenium Tests Through ZAP
Security

Many organizations we work with have some understanding of front-end testing using tools like Selenium. However, they struggle to prioritize, understand or properly implement security scanning in their Agile/DevOps Development process. One of the easiest ways to implement security testing with little to no additional effort is to use OWASP Zed Attack Proxy in conjunction […]

RECAP: 2016 B-Sides DC

Another security conference has come and gone, and I surprisingly do not feel the doom and gloom of knowing that my data is being utterly owned. Two of the more interesting talks focused on protecting environments through PowerShell and how to thoroughly test applications with more than just limited automated security tools. Defending with PowerShell […]
