The first step to defining an OpenSource use policy is to realize that, while we’re setting about to chart a course to DevSecOps, we should expect that the path to maturity may take some time. Defining a timeline for success and creating S.M.A.R.T. goals (specific, measurable, achievable, reasonable, and timely) is critical…
There’s a lot being discussed these days about secure DevOps. What does it mean to do continuous integration and deployment in a secure way? Is it about securing the pipeline itself? Or, is there more to it than that? I have your back. There are just three basic steps to DevSecOps…
Given all of the hoopla about digital currencies these days, I decided to do a little digging into the relative security of cryptocurrency related open source projects…
In my review of apps, both in my company and others, I’ve found that more than 90% of the code that makes up an app these days is something we borrowed, not wrote ourselves….
Our adversaries tirelessly poke, prod, and adapt their tactics, we have to as well. Thinking Agile-like means sharing information, being part of the solution not the problem, and being willing to change…