Tag: risk
Proactive Dependency Management: Reducing Risk and Improving Software Quality
Justin Young | | dependencies, Dependency Management, devops, open-source components, quality, risk, Software Supply ChainManaging dependencies isn’t just best practice, it is an essential ongoing process. Implement these strategies in your projects to stay ahead of potential issues and ensure your software remains reliable, secure and ...
Report: High Risks to Software Supply Chains are Commonplace
A nine-month analysis of more than 100 million alerts, tens of thousands of code repositories, and 140,000 real-world applications finds 95% of organizations have at least one high, critical, or apocalyptic risk ...
Gremlin Adds Detected Risk Tool to Chaos Engineering Service
Gremlin's risk detection capability in its chaos engineering service automatically identifies issues that could cause outages along with recommendations to resolve them ...
FAA Ground Stop due to Technical Debt? | Don’t Do DIY Crypto!
Richi Jennings | | cryptography, database, devsecops, Don’t settle for what life gives you—make life better and build something, encryption, end to end, FAA, federal agencies, legacy, mainframe, NOTAM, privacy, risk, security, technical debt, The Long View, ThreemaIn this week’s #TheLongView: The FAA’s NOTAM database gets corrupted, and Threema shows why DIY encryption is bad ...
Best of 2022: Measuring Technical Debt
As we close out 2022, we at DevOps.com wanted to highlight the most popular articles of the year. Following is the latest in our series of the Best of 2022. What is ...
What Donuts Teach Us About DevOps and Delivery Risk
Kohsuke Kawaguchi | | automation, continuous delivery, continuous testing, Jenkins, Kohsuke Kawaguchi, Launchable, riskToday, most DevOps teams do not think too much about their approach to risk. Usually, the typical attitude focuses on what to add to reduce risk further. In other words, "Can we ...
Secure Software Summit: Reachability and Risk for Security Leaders
It is impossible to manage security posture without considering two key factors in any potential vulnerability or security flaw: Reachability and risk. The two factors are related. Reachability defines the degree to ...
Fixing Risk Sharing With Observability
Incentives are mismatched among SREs, SecOps, and application developers. These mismatches create challenges around how and what information is shared across siloed teams. This asymmetrical information creates a moral hazard where one ...
Low-Risk Monolith-to-Microservice Evolution, Part 1
In designing and organizing a two-day workshop on microservices, I’ve been thinking a lot about how to explain monolith application decomposition and what a transition to microservices might look like. This is ...
How to Manage Risk, Regulation and Compliance Differently —and Better
Martin J. Logan | | binary risk management, business outcomes, compliance, legal, perceived risk, Regulation, riskDuring my career as a technology leader I have worked on PCI security, lawsuits, federal and state compliance, foreign market launches and acquisitions. All of these have regulatory, compliance and legal aspects ...
Lean Security: How Better Development Can Protect Your Business
If companies are to reach their strategic goals—reducing time to market, boosting sales, improving product market fit and brand image, and cutting cybersecurity costs—then it's time for a new outlook on software ...
Evolving to Continuous Testing
contributor | | agile, automation, continuous integration, continuous testing, devops, risk, testingAs agile development practices mature and DevOps principles infiltrate our corporate cultures, organizations are realizing the distinct opportunity to accelerate software delivery. However, when you speed up any process, immature practice areas ...
