Using Your Software Delivery Process to Achieve NIST 800-53 Compliance
Amidst this growing tension around emerging cyber threats, one of the hottest topics in the software industry is ASPM (Application Security Posture Management). And rightly so, organizations must have a conversation around their ongoing AppSec practices and how to improve their security posture further. Need for a strong AppSec posture According to this report by […]
March 19, 2024
In the rapidly evolving landscape of software development, ensuring the security and compliance of applications is paramount. DevOps and SRE engineers are constantly on the lookout for strategies and tools that can bolster their application security posture management (ASPM). The core of ASPM revolves around identifying vulnerabilities, adhering to compliance and regulatory requirements, enhancing the […]
March 11, 2024
In this blog, I’ll focus on the need for integrating security in software delivery pipelines and how engineering a DevSecOps Pipeline is the solution. However, if you’d like to take a step back and learn the basics, then I urge you to read my earlier blog explaining what DevSecOps is all about. Introduction – Need for […]
February 22, 2024
In the ever-evolving landscape of digital infrastructure, two critical domains have emerged as cornerstones of modern technological operations: Site Reliability Engineering (SRE) and Application Security Posture Management (ASPM). While these fields may seem distinct at first glance, their convergence is not only natural but also essential for ensuring the reliability, security, and performance of digital services. In this blog […]
February 15, 2024
In the rapidly evolving landscape of software development, maintaining robust security measures while ensuring a smooth developer experience is paramount. Integrating an Application Security Posture product with Backstage integration can significantly streamline both security and development operations. This blog post explores the benefits, processes, and best practices of this integration. Understanding the Integration What is […]
February 3, 2024
What is ASPM (Application Security Posture Management)? ASPM stands for Application Security Posture Management. It is a modern approach to unlocking AppSec (Application Security) visibility across the entire continuous development and continuous deployment pipeline. https://www.youtube.com/watch?v=t04QHxN5Fgc ASPM practices are usually complemented by tools and strategies around security testing and code scanning to create and manage a robust […]
January 25, 2024
In the ever-evolving digital landscape, the security of software supply chains has become a pivotal concern for organizations globally. With 61% of businesses impacted by supply chain threats last year, the urgency for robust cybersecurity frameworks is undeniable. At the center of this security endeavor stands the National Institute of Standards and Technology’s (NIST) 800-53 standard, […]
January 22, 2024
This article is for engineering leaders who are just getting started with their AppSec and DevSecOps journey. Alternatively, for those who intend to extend DevOps to DevSecOps. The approach mentioned below not only helps the beginners to catch up with the business pace but also helps early starters to up the game and maturity level […]
January 9, 2024
Gopi Rebala, CTO at OpsMx recently presented a talk at ArgoCon 2023 in Chicago titled “Enforcing Supply Chain Security & Simplifying Compliance Auditing for ArgoCD Deployments”. During the talk, Gopi shared various techniques using frameworks and open source tools like GUAC, Sigstore, in-toto, Elastic, and Grafana to set up a secure supply chain workflow for […]
December 31, 2023
DevOps and DevSecOps are still relatively new concepts in the field of software engineering. While both are modern-day evolutions of traditional agile/SDLC practices, knowing which particular philosophy to embrace depends upon your organization’s goals/objectives. In this blog, I’ll be decoding the differences between DevOps vs. DevSecOps so that you can decide for […]
November 30, 2023
In this blog, I’m addressing the top 5 benefits of CI/CD in the context of security and compliance. This is a must-read for everyone involved in a DevOps process, but especially AppSec and DevSecOps professionals. But before getting into the benefits of a CI/CD process that any business is set to gain, I would first […]
November 17, 2023