Operations | Monitoring | ITSM | DevOps | Cloud

March 2021

The DevSecOps Cultural Transformation

Let’s take a moment and think about security in your organization. Security is often separate from other engineering teams such as development, operations, networking, IT, and so forth. If you narrow down your focus to specifically releasing new software or features and functions in existing software, you’ll find that while development and operations are working together very quickly and efficiently, they’re still vaulting these functions and features over to security.

Implementing DevSecOps in a Federal Agency with VMware Tanzu

Unifying three distinct teams—development, security, and operations—around a common approach to get application releases to production is challenging. This post explores how Tanzu Labs partnered with a major branch of the Department of Defense (DoD) to build an automated DevSecOps process using VMware Tanzu and several open source tools.

DevSecOps is a Practice. Make it visible.

While DevSecOps feels like just another industry term, engineering teams everywhere are feeling greater and greater accountability for the security and stability of applications they build. DevSecOps is a practice, not a product. The practice consists of three primary use cases. For enterprises to be successfully implementing DevSecOps practices they need to focus on visibility, consistent communication, and data-driven incident response.

DevSecOps vs DevOps: What are the Differences?

The modern technology landscape is ever-changing, with an increasing focus on methodologies and practices. Recently we’re seeing a clash between two of the newer and most popular players: DevOps vs DevSecOps. With new methodologies come new mindsets, approaches, and a change in how organizations run. What’s key for you to know, however, is, are they different? If so, how are they different? And, perhaps most importantly, what does this mean for you and your development team?

Vulnerability Management and DevSecOps with CI/CD

Many of the world's highest performing software development teams have adopted DevOps practices, simplifying software builds, testing, and deployment. But standard DevOps process fails to address a vital issue: security and vulnerability management. Learn how to shift security left and get your entire team onboard to maintain the security of their libraries and container images.