Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig

September 30, 2018

Slides: https://www.slideshare.net/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig/Pivotal/devsecops-is-not-just-devops-lipstick-on-a-traditional-security-pig There are a lot of DevSecOps tools that are just DevOps lipstick on a slow security tool pig. Tools that don't give results for hours or sometimes days or lack the ability to integrate well with the development team's other tools and practices are a non-starter. What's needed to add security to DevOps are tools that must be able to do their job within a rapid-cycle CI/CD pipeline. This is disruptive to the entire security tool landscape. This talk lays out the security tool categories that have traditionally been used by development teams and describes the characteristics of ones that fit as ones that don't fit in a DevOps world. Further, the talk presents a novel approach to evaluating DevSecOps tools and the results of using this evaluation approach on a subset of the most popular tools currently in the market. Speakers: Larry Maccherone DevSecOps Transformation Lead, Comcast Filmed at SpringOne Platform 2018

Bringing Agile, DevOps, and Lean to Data

Data is one of an organization’s most valuable assets. Because databases are the stores of that value, the ...

Continuous Delivery to the Cloud Wreaks of Humanity (and That’s a Good Thing!)

Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig

Previous

Next

Many DevSecOps Tools are Just DevOps Lipstick on an Old Pig

Previous

Next

Related content in this Stream

Internal developer platforms (IDPs) might be the latest innovation to hit the platform space, but they represent the culmination of at least a decade of efforts by development, platform and DevOps tea

Containers are popular with both developers and operators because they offer a straightforward way to deploy and manage applications, regardless of the target environment. They facilitate DevOps (and

Please join Nate Schutta and guest Valarie Regas. Valarie is a DevOps fanatic, a Georgia Tech coding bootcamp graduate, and a veteran mommy. She holds a BA in Psychology and currently works as a Devel

In the DevOps, cloud, platform world we're told that operations people starting working closely with developers. This week @thecote been asked "does that really happen?" several times. We discuss...

In the DevOps, cloud, platform world we're told that operations people starting working closely with developers. This week @thecote been asked "does that really happen?" several times. We discuss the

VMware Tanzu Application Platform is a next-generation Kubernetes-based DevOps platform that helps your developers be more productive. The Tanzu Application Platform GUI is built with the Backstage op

Securing the software supply chain is becoming increasingly critical, not only to prevent cyber threats, but also to comply with the executive order from the White House. DevOps teams need to make it

Coté puts together a talk looking out how to use things like OpenAI ChatGPT to make digital transformation, DevOps/culture, whatever and etc. better, if not just less annoying. Chapters: 00:04 - Tes

All that digital transformation, DevOps, whatever stuff is going to require organization change. For reals! Make sure you can actually do it. More: https://tanzu.vmware.com/content/ebooks/the-business

We check-in on "platform engineering," and ponder the theory that it's "DevOps for kubernetes." Also, Coté gives his theory on the rise of platform engineering. In the news section, we cover some of t

We check-in on "platform engineering," and ponder the theory that it's "DevOps for kubernetes." Also, Coté gives his theory on the rise of platform engineering. In the news section, we cover some...

How does the community process work at the CNCF? Dims tells us, and then he discusses it with Alex Williams of @TheNewStack and Coté of @vmware.

Build your own automation platform in 20mn, one artisanal script at a time. Solomon Hykes shows how with #ProjectCloak.

Index: 0:00 - Disclaimer and fun intro video. 0:55 - Presentation. 21:10 - Interview

...with Duffie Cooley of Isovalent.

Jen Kelly goes over what Backstage is. She then talks with Alex Williams from @TheNewStack. Index: 1:06 - Jeny Kelly 15:14 - Interview with Alex Williams

In this episode from VMware Explore, Lukas first goes over vcluster and loft.sh. Then Coté and Alex Williams discuss those topics and kubernetes in general with Lukas.

If you're doing anything with programming, apps, or the software you build and use to run your organization, check out the sessions we have at #VMwareExplore 2022, coming up August 29th to September 1

Moving to the cloud is hard. Even born-in-the-cloud companies worry about keeping their growth on track and their technical debt in check. Given the demands decision makers face for growth, innovation