DevSecOps

May 13th, 2022, by
How to integrate IaC static analysis tools for Terraform

Quality and Security are essential aspects of Code, we have several tools for application code static analysis, but what about Infrastructure as Code (IaC) like Terraform? This blog recommends a few such tools to help in Terraform code analysis.

Read more
April 29th, 2022, by
GitOps Primer

With the rise of cloud, cloud-native and a lot of other buzzwords, we also see the rise of all kinds of Dev(fill here)Ops practices. While I'm an avid advocate of the DevOps mindset, all the buzz around pipelines sounds old-school to me.

Read more
January 10th, 2022, by
Do cross-functional team members need business knowledge?

In a modern high-performance cross-functional IT delivery team (such as Scrum or DevOps) all team members together have all technical knowledge and skills to deliver the right system to support a business process. But do the team members also need knowledge of the business process? And if yes, to what extent?

Read more
November 25th, 2021, by
Vlog: Enterprise Scale Cloud Architectures

Enterprise-scale architecture aligns technical architecture conversations into eight critical design areas to quickly help organizations

Read more
September 9th, 2021, by
How to secure your software supply chain with DevSecops

Vulnerabilities in software code come in many guises, and a new white paper from Sogeti and Microsoft argues that it would be wrong to focus your security efforts just on proprietary code.

Read more
September 8th, 2021, by
Security as Code – A Dynamic model to protecting your Digital Assets

Andy Grove famously wrote – ‘Only the Paranoid survive’ The message still makes sense and the only true solution to attacks is eternal vigilance.

Read more
September 2nd, 2021, by
How automation aids policy compliance in DevSecOps

Compliance — it’s both a challenge and an essential confirmation of quality controls within the new DevSecOps methodology, according to a new white paper from Sogeti and Microsoft.

Read more
August 26th, 2021, by
Cracking the code in DevSecOps

DevOps practices continue to evolve and, in the new iteration that is DevSecOps, security must complement existing business, processes, culture and people. A new white paper from Sogeti and Microsoft cites this as the most challenging part of DevSecOps adoption.

Read more
August 19th, 2021, by
How DevSecOps promotes continuous and purposeful monitoring

In a series of blog posts, we’re giving you a flavor of all 6 tips, including: Tip 3 : Monitor and observe continuously with purpose.

Read more
August 12th, 2021, by
Build a security-first culture across the business

Developing a security community in your enterprise improves buy-in across the organization and energizes employees.

Read more
June 24th, 2021, by
DevSecOps — a new paper by Microsoft and Sogeti

The rapidly changing world of DevOps and its role in enabling business is fascinating. That’s why I’m excited at the launch of a new paper that I and my colleagues at Sogeti have written in partnership with a great team at Microsoft.

Read more