Operations | Monitoring | ITSM | DevOps | Cloud

June 2021

DevSecOps is a practice. Make it visible

Security should be embedded in DevOps by default, but for many organizations, it is not. Enter “DevSecOps”. What is DevSecOps? It is a practice to build more secure applications, secure the software factory, and secure cloud workloads. Because it is a practice it needs to be visible. In this session hear about the ways tech-enabled enterprises approach a DevSecOps practice, how they make it visible, and how Splunk + JFrog can accelerate your journey.

The Biggest DevSecOps Hits From swampUP 2021

In the wake of recent events like the SolarWinds hack and the White House executive order on cybersecurity, DevSecOps and security are top-of-mind for most DevOps and security professionals. How to efficiently adapt or adopt a sound DevSecOps practice has become a priority, especially with the U.S. government’s impending mandate requiring software applications to be vetted, and to create a trusted Software Bill Of Materials (SBOM) for each one.

Drive DevSecOps Visibility with JFrog Partner Integrations

If you need your teams to act, you need to alert them where they’re already looking. Yet yesterday’s DevOps practices demand individuals to wrangle with uncorrelated events, multiple UIs, and siloed technologies. Tomorrow’s DevOps must enable teams with: To practice DevSecOps, you’ll need to know where a vulnerable build has been deployed into production, and where to find the corrected build that should replace it.

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.

GitLab 2021 DevSecOps Survey Key Findings

For the last several years, GitLab has run a major survey about the trends facing the DevSecOps community. This year over 4,000 people responded to the survey, 40% who identified as a Software Developer / Software Engineer. Also about half the survey participants are based in Asia, a major region for Software Developers. One of the biggest trends you will find throughout the survey is how much developers value speed and efficiency.