It’s Time to Get Hip to the SBOM

The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials, or SBOM, graduated from a “nice to have” to a “must have.”  Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software …

A Year of Supply Chain Attacks: How to Protect Your SDLC

One of the most worrisome trends in cybersecurity today is the skyrocketing incidence of supply chain attacks, such as the ones that hit SolarWinds last year and Kaseya more recently. Because they focus on compromising software development and delivery, supply chain attacks have forced developers and DevOps teams to scramble for solutions.  Unfortunately, supply chain …

Avoid False Positives in Your Security Vulnerability Scans With JFrog Xray

The Biggest DevSecOps Hits From swampUP 2021

In the wake of recent events like the SolarWinds hack and the White House executive order on cybersecurity, DevSecOps and security are top-of-mind for most DevOps and security professionals. How to efficiently adapt or adopt a sound DevSecOps practice has become a priority, especially with the U.S. government’s impending mandate requiring software applications to be vetted, …

US Executive Order on Cybersecurity: What it Means for DevOps

The United States Government equates cybersecurity with national security.  That’s the crux of the recent Executive Order that will mandate that not only must software applications be vetted, but there will be upcoming regulations on providing all of the components that make up the software. As section 1 notes:  “prevention, detection, assessment, and remediation of …