Using Your Software Delivery Process to Achieve NIST 800-53 Compliance
At an event we repeatedly heard from the visitors that the delivery teams are notified of the vulnerabilities just before the production deployment or after the deployment has happened, which is too late. There was a lot of focus on shifting-left security to detect, prioritize and remediate security vulnerabilities early in the application development lifecycle. […]
April 29, 2024
In addition to my blog on SDLC Compliance Management With CI/CD Policy Enforcement, I wanted to provide second-level details on the available list of compliance rules and policies that can be leveraged using OpsMx Secure Software Delivery. OpsMx Secure Software Delivery is designed to monitor and enforce compliance with a broad range of security and application […]
August 23, 2023
I’ve spoken to quite a few DevSecOps experts and implementers over the past couple of months and there’s been a commonality in terms of their priority initiative – They are looking to implement enterprise-wide compliance for their software delivery life cycle leveraging their existing CI/CD solution. Another way to rephrase this is to collect proof […]
In my previous blog, I explained what a security vulnerability is and the traditional approach to vulnerability management. In this blog, I will mainly spend time talking about the symptoms of vulnerability remediation, specifically in the context of Software Delivery/Deployment. But in the interest of readers who don’t want to read my previous blog on Vulnerability […]
August 14, 2023
For technology and SaaS companies alike, the quickest way to lose customer/brand trust is being vulnerable to breaches. We’ve seen time and again how even the biggest brands lose market share because they were at the receiving end of a security breach. A popular example is Yahoo, which experienced two significant data breaches in […]
Almost all large and medium organizations have implemented CI/CD processes to attain speed and scale in their software delivery process. And gradually, security is getting integrated into the CI/CD pipeline to release software to the market safely and without any vulnerabilities. The responsibility of integrating security is given to architects and the DevSecOps team. And […]
August 4, 2023
DevSecOps has ushered in a new era of secure software delivery, thanks to its proactive “Shift Left” strategy. This method, which advocates for the early and consistent inclusion of security measures, has revolutionized how we protect the integrity and safety of our software systems. Yet, our work is far from over! Post-build vulnerabilities can still sneak […]
July 31, 2023
Time and again we have witnessed hackers use a software’s supply chain to take advantage of exposures and sneak into its systems and wreak havoc. There are many such instances where exposures have gone undetected for months or even years altogether. Most notably – The SolarWinds Orion attack (also called SolarWinds supply chain attack) that went […]
July 20, 2023
In tech, every new day brings forth news about an enterprise’s compromised system. And this not only causes a frenzy to beef up security within the company, but also a sort of panic among customers/clients that deeply care about their data that is compromised. Let alone the negative PR created as a result of the […]
July 5, 2023
Why security is important in the CI/CD process: Almost all of the best practices for DevSecOps teams revolve around improving their security posture. That is because every organization that has implemented CI/CD has done it with the intention of attaining speed and scale in their software delivery process. Although the time to market has increased […]
Introduction: What Is DevSecOps? And, What Does It Stand For? The industry has been talking a lot about DevSecOps in recent years. DevSecOps, which stands for Development, Security, and Operations, encourages the need to integrate security best practices within every stage of the software development lifecycle. Introduction To DevSecOps: Born from the […]
June 19, 2023