Using Your Software Delivery Process to Achieve NIST 800-53 Compliance
Amidst this growing tension around emerging cyber threats, one of the hottest topics in the software industry is ASPM (Application Security Posture Management). And rightly so, organizations must have a conversation around their ongoing AppSec practices and how to improve their security posture further. Need for a strong AppSec posture According to this report by […]
March 19, 2024
In the rapidly evolving landscape of software development, maintaining robust security measures while ensuring a smooth developer experience is paramount. Integrating an Application Security Posture product with Backstage integration can significantly streamline both security and development operations. This blog post explores the benefits, processes, and best practices of this integration. Understanding the Integration What is […]
February 3, 2024
What is ASPM (Application Security Posture Management)? ASPM stands for Application Security Posture Management. It is a modern approach to unlocking AppSec (Application Security) visibility across the entire continuous development and continuous deployment pipeline. ASPM practices are usually complemented by tools and strategies around security testing and code scanning to create and manage a robust defense […]
January 25, 2024
In the ever-evolving digital landscape, the security of software supply chains has become a pivotal concern for organizations globally. With 61% of businesses impacted by supply chain threats last year, the urgency for robust cybersecurity frameworks is undeniable. At the center of this security endeavor stands the National Institute of Standards and Technology’s (NIST) 800-53 standard, […]
January 22, 2024
Gopi Rebala, CTO at OpsMx recently presented a talk at ArgoCon 2023 in Chicago titled “Enforcing Supply Chain Security & Simplifying Compliance Auditing for ArgoCD Deployments”. During the talk, Gopi shared various techniques using frameworks and open source tools like GUAC, Sigstore, in-toto, Elastic, and Grafana to set up a secure supply chain workflow for […]
December 31, 2023
In this blog, I’m addressing the top 5 benefits of CI/CD in the context of security and compliance. This is a must-read for everyone involved in a DevOps process, but especially AppSec and DevSecOps professionals. But before getting into the benefits of a CI/CD process that any business is set to gain, I would first […]
November 17, 2023
While some companies have already taken strong initiative to address gaps in their application security and software supply chain, the vast majority of them are still waking up to the increasing sophistication of cyber threats. Even for those companies that are ahead in the ‘security game’, merely ensuring security is one thing, but enforcing and […]
October 12, 2023
For those who missed my presentation on Deployment Firewall, here’s a recording to give you insights into how DevOps, DevSecOps, AppSec, CloudOps, SRE and Engineering teams can use OpsMx Deployment Firewall for specific purposes aligned to their roles and responsibilities. Happy to take any questions you have or jump on a call to provide a quick […]
October 9, 2023
In today’s fast-paced digital landscape, ensuring the security of software delivery is of paramount importance. In years gone by, ‘Security in the Pipeline’ was sufficient to display a robust security posture. But in recent months and years, security threats have become increasingly sophisticated, targeting CI/CD pipelines, delivery toolchain, and other parts of the […]
October 4, 2023
In addition to my blog on SDLC Compliance Management With CI/CD Policy Enforcement, I wanted to provide second-level details on the available list of compliance rules and policies that can be leveraged using OpsMx Secure Software Delivery. OpsMx Secure Software Delivery is designed to monitor and enforce compliance with a broad range of security and application […]
August 23, 2023
I’ve spoken to quite a few DevSecOps experts and implementers over the past couple of months and there’s been a commonality in terms of their priority initiative – they are looking to implement enterprise-wide compliance for their software delivery life cycle leveraging their existing CI/CD solution. Another way to rephrase this is to collect proof […]