Gene Gotimer, senior architect at Coveros Inc., discusses understanding the role of QA in DevOps, DevOps educational tools, trusting your team, and paid and open source security tools.
Gene Gotimer, senior architect at Coveros Inc., discusses understanding the role of QA in DevOps, DevOps educational tools, trusting your team, and paid and open source security tools.
Every day organizations incorporate DevSecOps into their software development, security, and operations practices to ensure they can build critical security controls into their agile software delivery. According to one survey, 84 percent of respondents said it’s difficult to reduce risk to their applications because they’re not able to monitor, detect, and prevent attacks at the application level. […]
DevSecOps shifts security practices left and assures earlier that your application isn’t vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.
There has been much discussion about the many benefits of “moving testing left,” and our experts will tell you that doing so by having automated testing (Quality Gates) integrated into your build pipelines is a critical success factor for the rapid build and deploy process automation necessary to truly reap the benefits of Agile. That […]
DevSecOps shifts security practices left and assures earlier that your application isn’t vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.
With the trend toward a more continuous delivery and deployment process, late-lifecycle activities like security assurance present a significant hurdle to continuously delivering value to customers. DevSecOps addresses this by shifting security assurance activities, personnel, and automation closer to development.
The Jenkins pipeline documentation does a serviceable job describing a Jenkinsfile. There are a number of examples for common tasks, giving code snippets that can be copied and pasted for your own use. When needing to do simple or commonly performed tasks, this method can be sufficient. There is also a helpful pipeline syntax generator […]
Federal agencies generally have more regulation, slower processes, and a command-and-control style of bureaucracy. How does it work when trying to foster agility and implement a continuous delivery model? Gene Gotimer relates his experiences and challenges with encouraging a culture change in federal government.
I’ve had the privilege (and the many challenges) of working in IT for more than three decades. Early in my career I tended to accept things as they were presented, following the techniques, processes, guidelines, and approaches I was taught by my peers and managers. As I gained experience and wisdom, I became a better independent thinker and started to connect the dots and ask questions.
With the advent of agile and DevOps, organizations are moving from specialized roles to cross-functional teams—and that means cross-functional sharing of the specialized tools used in each silo. So it’s not unreasonable for a tester to need access to the tools used in those other silos, such as Kubernetes. Kubernetes is a scalable, production-grade container […]
