What is DevSecOps? Key Takeaways: DevSecOps is an extension of DevOps that focuses on moving security concerns earlier in the development process. “Shift Left” is a term that means moving …
SBOMs Explained. Key Takeaways: A Software Bill of Materials (SBOM) lists all of the open-source and third-party software packages used in an application. This can be used to monitor and …
Why DevSecOps? Key Takeaways: DevSecOps is an extension of DevOps that integrates security into the entire software development process. Software supply chain attacks have been increasing every year, making it …
An Introduction to Software Composition Analysis. Key Takeaways: Open source components introduce risk to an application. This risk comes from programming oversights, malicious code, and from other packages that an …
Zero-Day Doom and Gloom (May 2, 2022; June 3, 2022). Hi Sloan, When recent vulnerabilities like log4j and Spring4Shell were first reported, I heard them described with the words “zero-day”. It sounds pretty dark, like the …
Component Licenses FAQ. Key Takeaways: Almost all open-source software is distributed with a license that governs how you’re allowed to use it. Open Source Software is distributed with a variety …
Agile and DevOps – Puzzled in Pittsburgh (April 15, 2022; April 19, 2022). Dear Sloan, Agile and DevOps – Are they the same thing? My company calls itself Agile, but my bosses tell me that we’re …
Lost on Open Source Licenses in Los Angeles (April 5, 2022; April 19, 2022). Dear Sloan, I was told that an open source license for one of my OSS components that I am using in a …
Cybersecurity and SBOMs – I’m Stumped in Seattle (March 2, 2022; June 8, 2022). Dear Sloan, What’s an SBOM? Is it part of cybersecurity? I hear people at work talking about this, and I’m afraid to …
Open Source Software: To be, or Not to be Free? (February 22, 2022; April 26, 2022). Dear Sloan, I’m an experienced project manager, who recently took a job in technology. Coming from the healthcare industry, I …