Related Content

Larry Maccherone Building Security into DevOps: A Slack Takeover with Larry Maccherone

Thought leaders from the software community are taking over the TechWell Hub to answer questions and engage in conversations. Larry Maccherone, senior director at Comcast, hosted this Slack takeover and discussed what DevSecOps means, how to get started with security, and the changing role of security specialists.
Beth Romanik's picture
Beth Romanik
July 16, 2019
Keys on a keyring How to Get Security Groups to Join Your DevSecOps Journey

DevSecOps shifts security practices left and assures earlier that your application isn't vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.
Alan Crouch's picture
Alan Crouch
July 5, 2019
Stack of servers with an X over them The Advantages of Serverless Cloud Providers

Most cloud providers have server-based computing services. But that requires servers to be provisioned and administered, and servers have a fixed capacity to operate within. A new DevOps trend is to go serverless—however, this doesn’t mean no servers are used at all. Learn more about this model and its advantages now.
Deepak Vohra's picture
Deepak Vohra
June 26, 2019
Executive buttoning his suit coat How to Talk to Executives about Agile

In the agile community, executives tend to get a bad name. They are accused of not understanding agile and the benefits it will bring their companies. But we just need to speak the same language: Look beyond the surface-level reasons for resistance and try to identify the financial grounds. Just follow the money!
Steven Granese's picture
Steven Granese
May 28, 2019
Closeup photo of laptop computer lit up at night The Value of Security Testing in QA

For many organizations, traditional testing groups are separated from the IT security group. But having traditional testers perform some security testing efforts is a great way of achieving a balanced approach to shifting left while being mindful of staffing and budgetary challenges. It also has some great advantages.
Alan Crouch's picture
Alan Crouch
May 10, 2019
Combination padlock for security Continuous Security in Agile Development

"Continuous" gets mentioned a lot in agile and DevOps, but one area that often doesn’t get enough attention is how to continuously build, test, and deliver secure applications. Just like for quality, you can’t test security in, so you need to have a plan for how to build it in. Here are some tips on how to do that.
Jeffery Payne's picture
Jeffery Payne
March 29, 2019
Espresso being poured into a cup of water and mixing Integrating Threat Modeling into Agile Development

Threat modeling helps you determine where to focus your security testing efforts when building your app. But people often wonder how it can fit into their existing agile software development process. Here are three things you can do to integrate threat modeling into your agile workflow, either early on or mid-project.
Alan Crouch's picture
Alan Crouch
March 13, 2019
Business analyst performing analysis on a new project domain “It Was More Complex Than We Thought”: Why Business Analysis Is Essential

Many new project fields look simple from a distance because we only see the outputs and interfaces. But corner cases, bad data, users with special needs, regulations—getting inside a new knowledge domain and teasing out the special cases and unhappy paths is a skill. This is why business analysts are so important.
Payson Hall's picture
Payson Hall
February 6, 2019