Articles

The DevOps Security Stack: Tools You'll Need to Power a DevSecOps Transformation The DevOps Security Stack: Tools You'll Need to Power a DevSecOps Transformation

In most organizations, the transition to DevSecOps cannot happen without tools. A DevSecOps stack is a set of security tools that facilitate fast, automated security checks at every stage of the software development lifecycle (SDLC). This article covers the key principles of a successful DevSecOps stack, and the primary technologies that typically comprise the stack.

Gilad David Maayan's picture Gilad David Maayan
Covid Office The Agile Methodologies and Mindset That Got Us Through the COVID-19 Pandemic

The landscape of modern technology as well as the way it impacts business operations has transformed since agile methodologies were created. In the past 18 months, that rate of change has greatly accelerated. Let's take a look at just how much agile has helped us adapt to this uncertain time as well as the way that COVID-19 has impacted the agile principles that we can continue to rely on.

 

Nahla Davies's picture Nahla Davies
Safe How Kubernetes Can Help to Operationalize Your Container Security

As organizations continue to pursue their digital transformations, their IT infrastructures are expanding in both size and diversity. Many are seeing the addition of two new technologies in particular: containers and Kubernetes.

David Bisson's picture David Bisson
Ryan Kenney Containers, Docker, and Kubernetes 101: A Conversation with Ryan Kenney
Video

Ryan Kenney, senior consultant at Coveros, chats with TechWell community manager Owen Gotimer about the difference between containers, container engines, and container orchestration; using containers in your CI/CD pipelines; and the cost of security.

Owen Gotimer's picture Owen Gotimer
Secure padlock Embedding Security in a DevOps World

Faster DevOps processes also create new challenges. It was difficult enough to add security into a traditional waterfall software development lifecycle with monthly or quarterly releases, but now software updates are released several times a day! What can developers do to build and maintain more secure applications? Here are some ways to encourage better security practices throughout the DevOps lifecycle.

Alex Humphrey's picture Alex Humphrey
Agile + DevOps East Rome Wasn't Built in a Day...and Neither is Your DevSecOps
Slideshow

DevSecOps is about more than just the tools—it is an organizational, operational, and strategic transformation. So, as a “thorough or dramatic change in form or appearance” across the three main pillars of an organization, how can we expect a DevSecOps transformation to take place overnight?

Brittany Greenfield
Large-Scale DevSecOps: Bringing Security Confidence to Chaotic Development
Slideshow

Implementing application security (AppSec) programs on a large scale can often seem chaotic and unwieldy. Without the proper knowledge to implement robust AppSec tools, DevSecOps on a large scale can be overwhelming.

Dennis Hurst
Continuous Application Security Testing
Slideshow

Because of its specialized nature, many aspects of application security testing are often assigned to testers from another team or another company, and they may be brought in to perform a point-in-time assessment prior to a release.

Josh Gibbs
QADevSecOps: Leading a Quality-Driven DevOps Transformation
Slideshow

Have you wondered where QA professionals fit into a DevSecOps transformation? Stacy Kirk thinks they should champion the transformation. Regardless of where your company is on its journey to DevSecOps, quality must be at the forefront for optimal effectiveness and customer value. This means promoting feedback loops that use monitoring and reporting tools effectively, and most importantly, it means creating a culture of collaborative communication and continuous improvement. The role of the QADevSecOps practitioner must evolve from ensuring the quality of software to assessing the effectiveness of the company’s security and development processes using retrospectives as the new defect tracking system. Discover how Stacy’s experiences with innovative techniques have infused quality into every aspect of an agile transformation, from development to security to operations.

Stacy Kirk
Agile DevOps West What Japanese Shinkansen Trains Can Teach Us about Agile
Slideshow

Have you ever been to Japan and noticed that their railway system is incredibly efficient? As places like Tokyo continue to expand and the cost of living rises, more and more people rely on trains that start hours away from the city to arrive on time.

Matthew Weinstock

Pages

AgileConnection is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.