Wed, 29 August 2012
In this episode we ask the big question of "Can security be a part of the 'build/deploy faster!' culture?" We discuss the need to separate out high/low risk code, understanding how to deploy dormant components of the applications, proper testing strategies and branching/merging in a world where faster isn't just an ask, it's a need to stay competitive.
A huge thank you to all my guests for their time and expert insight. The combined talent and experience of my 3 guests is something you should absolutely take a listen to, as these gentlemen really know what they're talking about - whether it's Information/Application Security, or DevOps ... this is a discussion that bridges both with expert precision.
Direct download: DtR_21_-_Wickett_Galbreath_Saudan_-_Continuous_deployment__security.mp3
Category:Information Security -- posted at: 10:20am CDT
Mon, 6 August 2012
This episode was recorded in June '12, live from the show floor at HP Discover Las Vegas, 2012 and the talk of the town was once again DevOps. Gene and I have had 2 prior conversations on the topic, but we're once again tackling the impact of DevOps on the IT and security relationship and overall business value. We tip our hats to several people including Josh Corman (Rugged DevOps), David Mortman, James Wickett, Nick Galbreath and Mr. Daniel Blander for their prior contributions and supporting work on the topic. Gene talks about some of the mechanisms we have available to us to bridge that IT Security-to-developer-to-operations gap that's holding us back from true business value. Fun fact- studies have found that when you wake up a developer at 2am to solve an issue, problem resolution times plummet!
Enjoy the podcast, and go grab Gene's books when they're available... comments are welcome!