DevSecOps practices, including continuous-integration/continuous-delivery (CI/CD) pipelines, enable organizations to respond to security and reliability events quickly and efficiently and to produce resilient and secure software on a predictable schedule and budget. Despite growing evidence and recognition of the efficacy and value of these practices, the initial implementation and ongoing improvement of the methodology can be challenging. In this podcast from the Carnegie Mellon University Software Engineering Institute, senior engineers Vanessa Jackson and Lyndsi Hughes discuss with principal researcher Suzanne Miller the DevSecOps adoption framework, which guides organizations in the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.
AADL and Edgewater
Security and Wireless Emergency Alerts
Safety and Behavior Specification Using the Architecture Analysis and Design Language
Characterizing and Prioritizing Malicious Code
Applying Agile in the DoD: Sixth Principle
Using Quality Attributes to Improve Acquisition
Best Practices for Trust in the Wireless Emergency Alerts Service
Three Variations on the V Model for System and Software Testing
Adapting the PSP to Incorporate Verified Design by Contract
Comparing IT Risk Assessment and Analysis Methods
AADL and Aerospace
Assuring Open Source Software
Security Pattern Assurance through Roundtrip Engineering
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
Applying Agile in the DoD: Fifth Principle
Software Assurance Cases
Raising the Bar - Mainstreaming CERT C Secure Coding Rules
AADL and Télécom Paris Tech
From Process to Performance-Based Improvement
An Approach to Managing the Software Engineering Challenges of Big Data
Create your
podcast in
minutes
It is Free