Aug 30, 2021 | Cloud security, DevOps, Recent News
NIST and the FDA think so. It’s hard to find a medical device today that doesn’t use software, have an app or connect to the cloud. And the FDA knows it. So much so that it’s now recommending threat modeling (TM) as a best practice when developing medical devices and...
Aug 24, 2021 | Cloud security, DevOps, Recent News
Every developer wants to create secure applications. Unfortunately, there are always some limitations to developing secure applications. And since no one in DevOps seems to be able to wish a secure application into existence, they are stuck following a simple two-step...
Jul 21, 2021 | Cloud security, DevOps, Recent News
Security during cloud migration would be a challenge even if it were done all at once. Since smart cloud migration is done in steps, security during cloud migration becomes even more challenging. Not only are you dealing with two architectures—one on-premises and one...
Jun 30, 2021 | Cloud security, DevOps, Recent News
What’s the easiest way to learn anything new? Don’t start from scratch. This means employing three strategies: 1) Use the skills you already have 2) Take advantage of the latest tools 3) Don’t reinvent the wheel Every time you write a new program, do you use a...
Dec 10, 2020 | Attack Surface Analysis, CISO, Cyber Risk, DevOps, Enterprise Threat Modeling, Risk Management, Security, SOAR
This is an excerpt from a panel we participated in at the NY Cyber Security Summit. You can check out the entire panel below: https://www.youtube.com/watch?v=HMerd-BKaYc&list=PLUJfsMmlclPSfFtn2yYGPI-4jq_NA40aJ&index=6 Security Orchestration Automation Response...
Jun 2, 2020 | Attack Surface Analysis, AWS, AWS Security Epics Automated, CISO, DevOps, DevSecOps
By Michael Vizard The best cybersecurity defense is always applied in layers. If one line of defense fails, the next should be able to thwart an attack and so on. That same, tried and true, security in depth concept applies to DevOps as responsibility for...