January 2017 Archives

NCS Blog: DevOps and Separation of Duties

By Ben Tomhave on January 26, 2017 6:23 PM

From my NCS blog post:

Despite the rapid growth of DevOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out "You can't do DevOps here! It violates separation of duties!" Interestingly, this assertion is generally incorrect and derives from a general misunderstanding about DevOps, automation, and the continuous integration/deployment (CI/CD) pipeline.

Continue reading here...

NCS Blog: "Minimum Viable" MUST Include Security

By Ben Tomhave on January 18, 2017 4:55 PM
"If you're a startup trying to get a product off the ground, you've probably been told to build an "MVP" - a minimum viable product - as promoted by the Lean Startup methodology. This translates into products being rapidly developed with the least number of features necessary to make an initial sale or two. Oftentimes, security is not one of the features that makes it into the product, and then it gets quickly forgotten about down the road."
Continue reading here...
« December 2016 | Main Index | Archives | February 2017 »

Search

About this Archive

This page is an archive of entries from January 2017 listed from newest to oldest.

December 2016 is the previous archive.

February 2017 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Categories

Monthly Archives

Pages

  • about
Powered by Movable Type 6.3.7