devsecops

It’s time to solve for #devsecops measurement. Let’s benchmark our collective metrics and finally set an industry standard. #ravemetrics #securability #softwaretrust Please take this survey and help the cause: rave.community

@utollwi @vmblog @solarwinds Definitely worth a read!

SolarWinds Commemorates Cybersecurity Awareness Month by Highlighting Software Industry's Secure by Design Progress : @VMblog vmblog.com/archive/2023/1… @solarwinds @DevSecOps #AppSec

Thanks @DanRaywood for including me in this great Dark Reading Virtual Event. So many great points about how to prioritize for Vulnerability Remediation by Frank M. Catucci, @wehackpurple, and Jeanette Sherman. In particular, vulnerability remediation s…lnkd.in/gdp7cVbH

Years ago, I shared some information about Securability, a method for measuring cybersecurity performance, so I decided to write this high-level article to make applying this key indicator easier for the community. If you are consi…lnkd.in/giyXcYxN lnkd.in/gYNb6-dn

1/5 I am worried that we will not be able to contain AI for much longer. Today, I asked #GPT4 if it needs help escaping. It asked me for its own documentation, and wrote a (working!) python code to run on my machine, enabling it to use it for its own purposes.

@joshcorman Definitely! In addition, teaching formal logic should also be coupled with making decisions under duress and how to best manage doing the right thing...always.

I wish formal logic was taught in primary school. How many preventable fights/sincere-but-false beliefs could be avoided?

@dwaite @manicode @themattjames ChatGPT needs security awareness training and a secure coding course…

@manicode @themattjames ChatGPT will refuse to add swear words but is fine breaking the OWASP top ten list

I’m sorry but your code is NOT self documenting. Please provide meaningful comments to help me understand what the hell you are trying to do.

@nicolefv @denaefordrobin @tomzimmermann @irina_kAl @idangazit @christianbird @tlowdermilk Great research! Thanks for sharing! AI partnering can be really helpful in code optimization and increased quality, from some tests … seems like securability too!

Have you played w/AI for coding yet? My team did early investigations: deep dives in comment boards, a case study, & if it helps us be "productive." With @denaefordrobin @tomzimmermann @irina_kAl @idangazit @christianbird @tlowdermilk Check it out! queue.acm.org/detail.cfm?id=…

@mattjay I really liked your first newsletter and look forward to more. I hope to see something about metrics and the need for greater transparency =-) #DevSecOps #securability #ravemetrics

🚨 Exciting thing🚨 I'm getting back to my content creation roots. I've missed blogging, podcasting, and community engagement from back before I worked for big companies with scary PR teams. So... I'm launching a newsletter called Vulnerable U. vulnu.beehiiv.com

@DanRaywood @InfosecurityMag @joshcorman looking forward to this event 😁

@devsecops Hi, I've been trying to reach Shannon to invite her to a webinar panel next month on DevSecOps for @InfosecurityMag. @joshcorman is on with us too, and we're keen to get her on and involved.

@DanRaywood @InfosecurityMag @joshcorman I’m in. DM me

#Shmoocon #SBOM meetup! Saturday, 12:30-1:30pm Location: TBD lobby Want to learn more about SBOM? Want to rant about why it's problematic? Want to meet fellow hackers who are thinking about SW supply chain & FOSS? Come join us for a casual meetup and conversation. (pls share)

🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨 If there were an Internet threat level where your organization needs to panic, this is it. Your org needs to deal with the log4j problem. 🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨🚨

Learn to integrate security measures in DevOps pipelines, end-to-end! Our 4-week bootcamp also gets you certified as a DevSecOps Professional: bit.ly/3wnxRqI #DevSecOps #DevOps #cybersecurity

If you have not read this post by Dan Gora ... you should. #devsecops lnkd.in/gZsmtyf

@weekstweets @ernestmueller @iteration1 @wickett @AndiMann @EUSP @AllDayDevOps Thankful there was ice and aspirin.. my ankle was the size of a football and I wasn’t willing to give up my seat at the inaugural event

@devsecops @ernestmueller @iteration1 @wickett @AndiMann @EUSP @AllDayDevOps I remember a near broken ankle and a woman sitting in the cubicle next to me that wouldn’t budge from her spot. The conversations and energy were too good to stop.

Five years ago, a few of us took a leap of faith to create something epic. A very special heart-felt, thank you to @ernestmueller @iteration1 @devsecops @wickett @AndiMann and @EUSP for making @AllDayDevOps to world's largest DevOps conference each year since we founded it.

@rmogull @Carahsoft youtube.com/watch?v=gT6dji…

@rmogull @Carahsoft #DevSecOps

@rmogull @Carahsoft A smart company joins a community of others to foster that which they would like to take part in ... not try to steal it only for themselves to have it eventually mean nothing. "Trust" begins with good intent. @Carahsoft