DevSecOps

What is SCITT and how does RKVST help?

Jul 11, 2022 By Jon Geater In DataTrails

SCITT in the information security context stands for “Supply Chain Integrity, Transparency, and Trust”. It’s a relatively young discipline and the dust is still settling over its scope and definition but the core is very simple: risk vests in the operator of equipment, but it originates at every point in the supply chain.

Read Post

DataTrails

Read more about What is SCITT and how does RKVST help?

Auto-Remediation with Rezilion

Jul 11, 2022 By Rezilion In Rezilion

Learn how you can fix security issues quickly and easily using Rezilion auto-remediation feature in CI.

View Video

Rezilion

Read more about Auto-Remediation with Rezilion

Rezilion's Dynamic Software Bill of Materials (SBOM)

Jul 11, 2022 By Rezilion In Rezilion

Use Rezilion's Dynamic SBOM to create a continuous inventory of all of your software components, map any recognized vulnerability to these components, assess, and share your attack surface.

View Video

Rezilion

Read more about Rezilion's Dynamic Software Bill of Materials (SBOM)

Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

Jul 11, 2022 By Deep Datta and Karol Harezlak In JFrog

The JFrog DevOps Platform is your mission-critical tool for your software development pipelines. The results of key binary management events in Artifactory, Xray, and Distribution can reveal whether or not your software pipelines are on-track to deliver production-quality releases.

Read Post

JFrog

Read more about Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

Using DevSecOps for Efficient IT Security

Jul 10, 2022 By Tripwire Guest Authors In Tripwire

DevSecOps is the key to achieving effective IT security in software development. By taking a proactive approach to security and building it into the process from the start, DevSecOps ensures improved application security. It also allows organizations to rapidly develop application security with fewer bottlenecks and setbacks. Some critical aspects of the DevSecOps approach and best practices can help organizations get started implementing this development strategy.

Read Post

Tripwire

Read more about Using DevSecOps for Efficient IT Security

Strategic Remediation Is Critical In Your DevSecOps Program

Jul 5, 2022 By Rezilion In Rezilion

This is the fourth installment in a series about making DevSecOps work in your organization. The fourth and final pillar of DevSecOps—following discovery, validation and prioritization—is remediation. This is the step in the vulnerability management process that all the others lead to, and without it, there is essentially no point to going through any of the other phases. Not all remediation practices are equal, however.

Read Post

Rezilion

Read more about Strategic Remediation Is Critical In Your DevSecOps Program

SecDevOps & LimaCharlie: Automating and auditing of Github access.

Jul 1, 2022 By LimaCharlie In LimaCharlie

LimaCharlie's Security Infrastructure as a Service (SIaaS) approach makes it ideal for securing your CI/CD pipeline and building security solutions that make sense for you. In this video LimaCharlie founder and CEO, Maxime Lamothe-Brassard, walks through various ways to visibility and add layers of protection to your development process.

View Video

LimaCharlie

Read more about SecDevOps & LimaCharlie: Automating and auditing of Github access.

What is Zero Trust Fabric?

Jun 30, 2022 By Jon Geater In DataTrails

Trust is a very broad and complex topic, and consequently there are very many definitions of Zero Trust that can be confusing as they try to capture the nuance and details and scope that the problem of trust raises.

Read Post

DataTrails

Read more about What is Zero Trust Fabric?

Prioritization Changes the Game in DevSecOps

Jun 29, 2022 By Rezilion In Rezilion

This is the third installment in a series about making DevSecOps work in your organization. We’ve looked at the first two pillars of the DevSecOps model—discovery and validation. In this post we examine the third—prioritization. Discovery enables security and development teams to identify software vulnerabilities, and validation allows them to determine which of these flaws present actual security risks and which do not.

Read Post

Rezilion

Read more about Prioritization Changes the Game in DevSecOps

Finding the Time to Compete: Getting an Edge out of DevSecOps

Jun 29, 2022 By John Vassiliou In Rezilion

The software development process is one with strict deadlines. The pace of innovation does not slow down. Because of this, developers often find themselves frustration as they try to ensure that the product they’re producing delivers on customer expectations, while also limiting vulnerabilities. The balancing act between product security and meeting the needs of a time crunch can lead to a product being rushed to the market, leaving it vulnerable to unpatched exploits.

Read Post