Using Your Software Delivery Process to Achieve NIST 800-53 Compliance
Amidst this growing tension around emerging cyber threats, one of the hottest topics in the software industry is ASPM (Application Security Posture Management). And rightly so, organizations must have a conversation around their ongoing AppSec practices and how to improve their security posture further. Need for a strong AppSec posture According to this report by […]
March 19, 2024
In the fast-paced world of DevSecOps, traditional approaches to compliance are fraught with inefficiencies and waste, far beyond the mere inconvenience of manual checks. These outdated methods introduce significant bottlenecks, hindering speed, security, and agility—key pillars in software development. The solution lies in adopting a ‘lean compliance’ model, where compliance is seamlessly automated and integrated […]
March 12, 2024
In this blog, I’ll focus on the need for integrating security in software delivery pipelines and how engineering a DevSecOps Pipeline is the solution. However, if you’d like to take a step back and learn the basics, then I urge you to read my earlier blog explaining what DevSecOps is all about. Introduction – Need for […]
February 22, 2024
Often I have heard that in a large enterprise it becomes difficult for audit, compliance, DevSecOps or DevOps teams to implement these controls centrally in order to monitor and govern in real time and generate reports at the press of a button whenever needed. Technically it is very easy but from a logistics standpoint it is very […]
February 5, 2024
What is ASPM (Application Security Posture Management)? ASPM stands for Application Security Posture Management. It is a modern approach to unlocking AppSec (Application Security) visibility across the entire continuous development and continuous deployment pipeline. ASPM practices are usually complemented by tools and strategies around security testing and code scanning to create and manage a robust defense […]
January 25, 2024
This article is for engineering leaders who are just getting started with their AppSec and DevSecOps journey. Alternatively, for those who intend to extend DevOps to DevSecOps. The approach mentioned below not only helps the beginners to catch up with the business pace but also helps early starters to up the game and maturity level […]
January 9, 2024
DevOps and DevSecOps are still relatively new concepts in the field of software engineering. While both are modern-day evolutions of traditional agile/SDLC practices, knowing which particular philosophy to embrace depends upon your organization’s goals/objectives. In this blog, I’ll be decoding the differences between DevOps vs. DevSecOps so that you can decide for […]
November 30, 2023
Securing the CI/CD process is essential in today’s rapidly evolving digital infrastructure. This blog explores how integrating NIST compliance can bolster security in software delivery and deployment. DevSecOps and CI/CD: Addressing Emerging Security Concerns The adoption of DevSecOps has notably shifted the focus to earlier security integration within software development. This critical evolution also created […]
November 20, 2023
While some companies have already taken strong initiative to address gaps in their application security and software supply chain, the vast majority of them are still waking up to the increasing sophistication of cyber threats. Even for those companies that are ahead in the ‘security game’, merely ensuring security is one thing, but enforcing and […]
October 12, 2023
This is My #1 Takeaway From DevOps Conclave I had the pleasure of speaking with DevOps, DevSecOps and Engineering leaders at the DevOps Conclave 2023 last week and it was a great learning experience for me to get insights into how they are approaching their Continuous Integration, Continuous Delivery and DevSecOps initiatives. Their key responsibilities […]
October 11, 2023
In today’s fast-paced digital landscape, ensuring the security of software delivery is of paramount importance. In the years gone by, ‘Security in the Pipeline’ was sufficient to display a robust security posture. But in recent months and years, security threats have become increasingly sophisticated, targeting CI/CD pipelines, delivery toolchain, and other parts of the […]
October 4, 2023