Full disk encryption (FDE) is a critical security measure in today’s modern networks. With data security being more critical than ever, many IT admins are wondering how they can enforce full disk encryption across their fleets of cross-platform systems. Many organizations are also subject to compliance regulations including PCI DSS, which require FDE as a […]
Automation Hacks for DevOps Teams
DevOps teams are expected to do more work in less time. They need to plan, test, build, secure and release applications at a fast-paced rate. Of course, the DevOps team needs to achieve all of this while maintaining high software quality. This is why automation is a crucial part of the DevOps workflow. The goal […]
Positioning Compliance as a Differentiator
As the threat landscape has become more perilous and complex, regulators have imposed a wide array of mandates designed to protect sensitive personal information. For most organizations, compliance is seen as the cost of doing business. However, if executed strategically it can not only improve a company’s overall security posture but shortens sales cycles and […]
How to Use DevOps for Compliance
Picture this: You’ve been working in an organization’s IT department for a couple of years and tasks have become quite a routine. Some documentation here and there, code reviews, end-user training, routine meetings with the developers and so on. You can do literally everything with your eyes closed. Then, all of a sudden, the company […]
CircleCI Achieves SOC 2 Compliance for DevOps Platform
CircleCI has achieved a SOC 2 compliance rating for the DevOps platform it makes available via a software-as-a-service (SaaS) model. Tad Whitaker, security manager at CircleCI, said CircleCI is the first provider of a SaaS platform for DevOps that has invested the hundreds of thousands of dollars required to achieve SOC 2 compliance. SOC 2 […]
Chef Achieves Multiple Compliance Mandates
Chef today announced it will make it easier for organizations that adopt its IT automation framework to stay compliant with mandates such as the Federal Information Processing Standards (FIPS), Secure Technical Implementation Guidelines (STIG) and the Center for Internet Security (CIS) certification. John Snow, senior software development engineer and federal content lead for solutions engineering […]
What It Really Takes to Build Compliant Apps
If you search online for “software compliance,” you’ll be met with a seemingly endless lineup of blog posts, how-tos and explainer articles promising to tell you everything you need to know about writing and deploying software in a compliance-friendly manner. Some of those are good resources, especially the ones that delve into meeting specific compliance […]
CloudBees Further Extends Jenkins CI/CD Reach
CloudBees announced it is expanding the scope and reach of its Jenkins open source continuous integration/continuous development (CI/CD) platform into the realms of compliance and serverless computing frameworks. Announced at the DevOps World | Jenkins World conference in Nice, France, a new plugin for Jenkins adds support for the AWS Serverless Application Model (SAM) defined […]
Chef Extends Scope of Compliance Automation
Chef has extended the reach of its InSpec compliance automation framework by adding a plug-in architecture that makes it easier for developers to programmatically generate compliance controls that can be applied to automation frameworks. The Terraform configuration management framework developed by HashiCorp is the first framework supported via the plug-in architecture. InSpec previously was integrated […]
Don’t Forget to Automate Cloud Security
Cloud has been around long enough, and we’ve had enough breaches stemming from unsecured cloud (mostly data objects, but other items, too) that we should know better. I cringe whenever I see a security headline along the lines of “… Unsecured S3 Bucket.” Would you publicly expose a server in your data center and not […]
- « Previous Page
- 1
- …
- 4
- 5
- 6
- 7
- 8
- …
- 10
- Next Page »