Stop it with the DevSecAuditComplianceOps buzzwords within the software supply chain. Let’s simply talk about Modern Governance. Excellent software supply chain hygiene requires governance. Modern Governance resolves governance toil with a software engineering approach.
The most potent form of a secondary artifact is the documentation of how one evaluated the data. This evaluation is critical as it allows others to see how an individual or organization determined others could trust their artifact. These artifacts are essential to making the best downstream decisions.
DevOps solved the conflict between development and operations. It missed other essential aspects of the delivery lifecycle: security, compliance, and audit. DevSecOps is an excellent reminder that security must be DevOps’d. But, compliance and audit are still missing. There’s no… Read More »DevNation Tech Talk: Dear security, compliance, and auditing: We’re sorry. Love, DevOps