DevSecOps

December 20, 2024

In Episode 91 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler present 2025 cybersecurity predictions and trends ...

December 13, 2024

In Episode 90 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA recap 2024 cybersecurity and technology events ...

December 06, 2024

In Episode 89 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the data generated by free applications and how technological advances are impacting individual privacy ...

December 03, 2024

Amid growing pressure to enhance productivity and maintain a competitive edge, organizations are streamlining their application development processes. While increasingly integrating DevSecOps and Generative AI (GenAI) into their workflows, development teams must align to safeguard against application security threats and manage risks effectively ...

December 02, 2024

I've loved witnessing CISA's Secure-By-Design (SBD) movement gain momentum worldwide, as the United States, Australia, New Zealand, Canada, Singapore, Japan, Germany, and the UK commit to integrating similar guidelines and expectations into their respective cybersecurity strategies — with many of these nations also contributing to the original US recommendations.

November 29, 2024

In Episode 88 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the ransomware attacks going on at Starbucks through Blue Yonder ...

November 27, 2024

As we approach 2025, the cyber security landscape will be shaped by the rise of AI-powered attacks, the looming threat of quantum computing, and the growing vulnerability of social media platforms. Part 2 continues the predictions ...

November 26, 2024

As we move into 2025, the cyber security landscape will become more complex, with new challenges emerging as rapidly as the technologies that drive them. From artificial intelligence (AI)-enhanced malware to looming quantum computing threats, the forecast from Check Point Software Technologies highlights the trends that organizations must prepare for to stay secure in this evolving digital environment ...

November 25, 2024

The escalating complexity of software supply chains and the applications being built is shifting greater security responsibilities onto developers. This shift is driving up costs and workload, threatening developer productivity and the overall quality of applications. Left unchecked, these pressures can jeopardize the very security that DevSecOps aims to enhance ...

November 22, 2024

In Episode 87 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the impact of the 2024 election on cybersecurity ...

November 21, 2024

Agile security sprints are specialized iterations within the Agile framework focused on embedding security into the sprint cycle. Rather than treating security as an afterthought or a final checkpoint, it's integrated into the regular sprint rhythm ...

November 19, 2024

The evolution of AI, particularly in cloud and serverless environments, has opened up new possibilities — but it's also introduced significant complexities, especially around privacy and data security. DevOps engineers are on the frontlines of these challenges ...

November 15, 2024

In Episode 86 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss real-world cybersecurity AI use cases ...

November 13, 2024

Part 12 of this series features expert recommendations on how to avoid the risks associated with using AI to support software development ...

November 04, 2024

In Part 6 of this series, the experts warn of the security risks associated with using AI to help develop software ...

November 01, 2024

In Episode 84 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss using AI to influence elections and election security in general ...

October 29, 2024

Part 2 of this series covers more processes that can be supported or improved by AI, including security, testing, deployment, documentation and more ...

October 25, 2024

In Episode 83 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss communications security ...

October 24, 2024

In DevOps, hierarchical security practices involve embedding security measures into every development lifecycle stage. Unlike traditional models where security is a final checkpoint before deployment, hierarchical security integrates security from the outset, beginning with the planning and design phases. By doing so, potential vulnerabilities are identified and mitigated early ...

October 22, 2024

Nearly all (92%) security leaders have concerns about the use of AI-generated code within their organization, according to Organizations Struggle to Secure AI-Generated and Open Source Code, a new report from Venafi ...

October 21, 2024

The meteoric rise of artificial intelligence (AI) in the past few years has been a boon for software developers, who quickly embraced AI's ability to help them create code more quickly. But the other edge of the AI sword is that its code isn't always secure, because AI models trained on flawed code, which exists in plenty of applications, are only going to repeat the same mistakes ...

October 18, 2024

In Episode 82 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss cybersecurity maturity ...

October 15, 2024

DevSecOps emerged as a potential solution to address delays and missed vulnerabilities, streamlining development and operations by prioritizing speed and collaboration without compromising on security. But the growing complexity of cloud-native environments and the surge in the volume and vectors of the threat landscape is once more reshaping the way organizations approach software development. The latest evolution increasingly demands that security be treated as an integral part of the software development process ...

October 08, 2024

CyCognito recently conducted an analysis of over 39 million data points from a diverse range of companies, providing concrete evidence validating the growing concerns about the vulnerability of our software supply chains. The report's findings reveal a troubling reality: our digital ecosystems are far more vulnerable than we'd like to believe ...

October 07, 2024

The incorporation of generative AI and machine learning into DevSecOps has unlocked significant potential to improve organizational efficiency in software development. Yet, despite these developments, mitigating friction between development and security teams remains a persistent challenge ...

Pages