Security Shifts Left (Ep. 59)

February 13, 2018 Jeff Kelly

It's a scary world out there. Threats to your software and applications seemingly lurk around every corner. So what's a development team to do? In this episode of Pivotal Insights, Surag Patel, chief security officer at Contrast Security, joins Jeff and Dormain talk about integrating security into the software development process. Find out how shifting security left results in faster releases, lower costs, and more secure software.

Show Notes

Visit http://pivotal.io/podcasts for show notes and other episodes.
Download the episode and check us out on Soundcloud, subscribe to the feed directly, or on iTunes to have it automatically downloaded for you.
Twitter: @jeffreyfkelly, @dormaindrewitz, @contrastsec
Feedback: podcast@pivotal.io

News & Resources

Check out this post on the Three R's of cloud-native security and how one enterprise dramatically increased the frequency of applying security patches.
Watch this session replay from SpringOne Platform 2017 with Molly Crowther on healthy agile product security.
Learn about strategies for overcoming security challenges unique to cloud-native apps in this on-demand webinar.

About the Author

Jeff Kelly is a Director of Partner Marketing at Pivotal Software. Prior to joining Pivotal, Jeff was the lead industry analyst covering Big Data analytics at Wikibon. Before that, Jeff covered enterprise software as a reporter and editor at TechTarget. He received his B.A. in American studies from Providence College and his M.A. in journalism from Northeastern University.
Follow on Twitter Follow on Linkedin

Steeltoe Turns 2.0, Adds Support for ASP.NET Core 2.0, CredHub, and a SQL Server Connector

Steeltoe is a toolkit to help .NET developers build apps for Cloud Foundry using established microservices ...

Making Sense of Cloud-Native Security (Ep. 58)

Pivotal's Chief Security Officer for Product Justin Smith talks about the security implications of digital ...

Why Tanzu

Paving the Road to Modern Apps

Tanzu Application Platform

Tanzu for Kubernetes Operations

Build apps

Modernize apps

Build your platform

Get started with VMware Tanzu

Developer Center

KubeAcademy

Security Shifts Left (Ep. 59)

Show Notes

News & Resources

About the Author

Previous

Next

Security Shifts Left (Ep. 59)

Show Notes

News & Resources

About the Author

Previous

Next

Related content in this Stream

Watch a customer panel on cloud native security with Jenny Zhang (Mastercard), Thomas Fredell (Merill Corp.), Kurt Glore (Express Scripts), and Thomas Squeo (West Corp.). Moderated by Justin Smith, Ch

In this episode of Pivotal Insights, Pivotal's Rashmi Raghu and Brendan Higgins join talk about using data science and analytics to catch potentially malicious user behavior on corporate networks.

Ensuring Platform Security with Windows Bosh Add-ons and Runtime-Config at Boeing - James Coppock & Sheryl Maris, Boeing We did it! InfoSec said “Not a chance you’re deploying Ubuntu and Windows on P

A cloud-native approach to software can give you speed without sacrificing security. Learn how Merrill Corporation worked with Pivotal to adopt this modern way of working. https://pivotal.io/customer

Container registries add important security features to Kubernetes. This post details how Harbor, part of Pivotal Container Service, helps secure Docker images in PKS deployments.

Pivotal recently published several new whitepapers: The Auditor's Guide to PCF, Security & Compliance for PCF, and Chargebacks & Showbacks in PCF. This post review the highlights of each paper.

Slides: http://www.slideshare.net/Pivotal/cloud-native-security-rotate-repair-repave Enterprise software security traditionally resists change as a matter of unquestioned policy. Vulnerability is a f

The CredHub Service Broker is now a beta. It's a service broker that helps developers secure off-platform service credentials. We examine the tile from the enterprise architect perspective.

Pivotal released the CredHub Service Broker as a beta. It's a service broker that helps developers secure off-platform service credentials with CredHub. Read about the new tile here.

Security has not operated at the speed of software innovations in the last few decades. Learn how a cloud-native security approach can enable your team to succeed and stay safe against modern threats.

The types of threats facing the enterprise are relatively well understood—malware, advanced persistent threats, and leaked credentials—which are typically addressed by slowing the rate of change, beca

Banks of all sizes are modernizing how they do IT and software development. This blog series explores how banks use Pivotal Cloud Foundry to secure backing services for apps.

Banks of all sizes are modernizing how they do IT and software development. This blog series explores how banks use Pivotal Cloud Foundry to secure their cloud-native applications.

PCF 2.1 introduces a new capability that enables multiple development teams working on separate microservices to access the same backing services while maintaining robust security and access controls.