By Andrew Storms|2019-09-11T12:35:48-07:00October 16th, 2017|Categories: Tips & Tricks|Tags: audit, automation, Chef, Devops, DevSecOps, packer.io, pipeline|
Image via Pixabay Recently, Joshua Kugler, a Sr. DevOps Engineer at New Context, wrote a blog post providing tips for using Chef Zero, audit mode and Packer. As leaders in DevSecOps, we believe in the importance of sharing knowledge and are passing this resource along to you. Read [...]
By Andrew Storms|2019-11-18T09:29:05-08:00January 26th, 2017|Categories: DevSecOps|Tags: audit, compliance, Devops, DevSecOps, security, Separate of Duties, SoD|
Despite the rapid growth of DevSecOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out “You can’t do DevSecOps here! It violates separation of duties!” Interestingly, [...]
By Andrew Storms|2019-11-18T09:19:36-08:00January 22nd, 2015|Categories: DevSecOps|Tags: audit, compliance, continuous integration, Devops, FUD, governance, lean, security|
Barrier to Entry (2006) by Tom Page https://www.flickr.com/photos/tompagenet/318656457 I’ve often said that the driving factor for many companies in adopting a comprehensive information security program are the dreaded “F” and “A” words - FUD and Audit. Technically FUD is an acronym for fear, uncertainty and doubt. And it [...]
