26 01, 2017

DevOps and Separation of Duties

By |2019-11-18T09:29:05-08:00January 26th, 2017|Categories: DevSecOps|Tags: , , , , , , |

Despite the rapid growth of DevSecOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out “You can’t do DevSecOps here! It violates separation of duties!” Interestingly, [...]

22 01, 2015

Security Should Be the Top Driver for DevOps

By |2019-11-18T09:19:36-08:00January 22nd, 2015|Categories: DevSecOps|Tags: , , , , , , , |

Barrier to Entry (2006) by Tom Page https://www.flickr.com/photos/tompagenet/318656457 I’ve often said that the driving factor for many companies in adopting a comprehensive information security program are the dreaded “F” and “A” words - FUD and Audit. Technically FUD is an acronym for fear, uncertainty and doubt. And it [...]