Shadow IT is back, and this time, it’s in the DevOps toolstack “One of our clients conducted an audit and found more than 10,000 Jenkins instances across their IT landscape!” This remark from a tooling vendor that helps enterprises centralize their continuous integration infrastructure really took me by surprise. For starters, I was impressed how […]
Software Liability Goes Global
This month, France turned up the conversation on software liability for manufacturers who place known defective software components in their products. But, they are not the first. Software Liability in France According to Lukasz Olejnik, lawmakers in France just suggested a desire to “put the security liability in hands of product suppliers. In other words, making […]
Automation Levels the Playing Field for Continuous Compliance
At this point, I doubt there is any company doing business anywhere that doesn’t fall under at least one compliance framework. One universal truth of compliance—in intent, if not in practice—is that it is a process, not an event. Checking boxes and passing an audit is a requirement of most compliance mandates, but the real […]
Chef Advances Compliance Automation
Chef today expanded the reach of its InSpec platform for automating compliance management with an update that adds support for Amazon Web Services (AWS) and Microsoft Azure public clouds, as well as integration with additional third-party tools. In total, InSpec 2.0 adds more than 30 additional capabilities, including support for Docker containers, Microsoft IIS and […]
Survey: Not Much Compliance Progress in DevOps World
A survey of 1,500 customers conducted by Chef illustrates the lacking state of DevSecOps in the enterprise today, finding that nearly three-quarters of IT organizations still manually assess whether applications comply with various regulations before being deployed to production. Worse yet, half the respondents also manually remediate any issue once it arrives, which takes days […]
Why DevOps Principles Fit Well in Highly Regulated Industries
DevOps is best suited to digital start-ups with minimal regulation and few restrictions, right? Initially the DevOps movement stemmed from the agile, innovative, born-on-the-web companies that were able to change their way of working quickly. However, the principles and practices are completely transferrable to all organization types. This includes those at the other end of […]
DevOps Chat: Chef Habitat Project Continues to Mature
When Chef Habitat was released a little more than two years ago (good staging-devopsy.kinsta.cloud story on Habitat here and a good DevOps Chat on it here), many people in the DevOps community wondered where Chef was going with Habitat. It was a really ambitious vision, but could it meet its lofty goals? Habitat is now […]
It’s Time to Break Up with Your WAF
If the only reason you have a web application firewall (WAF) is for compliance, you deserve better. It’s time to replace it with something that provides not only compliance, but real security value as well. In the land of web application security, there are a few not-so-well-kept secrets, arguably none bigger than this: The WAF […]
Embedding Ownership: A DevOps Best Practice
From where I sit in the DevOps community, there is often more focus on dev than on ops. Damon Edwards (@damonedwards) of SimplifyOps sought to change that with his talk, “Ops Happens: DevOps Beyond Deployment,” at the All Day DevOps conference. Damon dove right into the primary, systemic force behind most DevOps problems: silos. The […]
Salesforce Moves Compliance to the DevOps Left
Compliance is one of those tasks that trips up developers multiple times over. More times than anyone cares to admit developers finish an application only to discover there are any number of compliance controls that were overlooked. Sometimes, bringing that application into compliance is trivial. Other times, it can delay the rollout of the application […]
- « Previous Page
- 1
- …
- 5
- 6
- 7
- 8
- 9
- 10
- Next Page »