DevSecOps practices, including continuous-integration/continuous-delivery (CI/CD) pipelines, enable organizations to respond to security and reliability events quickly and efficiently and to produce resilient and secure software on a predictable schedule and budget. Despite growing evidence and recognition of the efficacy and value of these practices, the initial implementation and ongoing improvement of the methodology can be challenging. In this podcast from the Carnegie Mellon University Software Engineering Institute, senior engineers Vanessa Jackson and Lyndsi Hughes discuss with principal researcher Suzanne Miller the DevSecOps adoption framework, which guides organizations in the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.
The SEI Fellow Series: Nancy Mead
An Open Source Tool for Fault Tree Analysis
Global Value Chain – An Expanded View of the ICT Supply Chain
Intelligence Preparation for Operational Resilience
Evolving Air Force Intelligence with Agile Techniques
Threat Modeling and the Internet of Things
Open Systems Architectures: When & Where to Be Closed
Effective Reduction of Avoidable Complexity in Embedded Systems
Toward Efficient and Effective Software Sustainment
Quality Attribute Refinement and Allocation
Is Java More Secure Than C?
Identifying the Architectural Roots of Vulnerabilities
Build Security In Maturity Model (BSIMM) – Practices from Seventy Eight Organizations
An Interview with Grady Booch
Structuring the Chief Information Security Officer Organization
How Cyber Insurance Is Driving Risk and Technology Management
A Field Study of Technical Debt
How the University of Pittsburgh Is Using the NIST Cybersecurity Framework
A Software Assurance Curriculum for Future Engineers
Four Types of Shift Left Testing
Create your
podcast in
minutes
It is Free