January 05, 2022

DevSecOps in 2022 with Jess Dodson

Listen Later

39 minutes

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Links:

Power Apps
Azure Sentinel
Software Bill of Materials
Configuration Management Database

Recorded December 20, 2021

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

RunAs Radio

By Richard Campbell

4.6

8282 ratings

January 05, 2022

DevSecOps in 2022 with Jess Dodson

Listen Later

39 minutes

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Links:

Power Apps
Azure Sentinel
Software Bill of Materials
Configuration Management Database

Recorded December 20, 2021

...more

More shows like RunAs Radio

Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

Software Engineering Radio - the podcast for professional software developers

271 Listeners

Hanselminutes with Scott Hanselman by Scott Hanselman

Hanselminutes with Scott Hanselman

383 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

37 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

290 Listeners

This Week in Tech (Audio) by TWiT

This Week in Tech (Audio)

3,062 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,010 Listeners

MacBreak Weekly (Audio) by TWiT

MacBreak Weekly (Audio)

2,011 Listeners

Windows Weekly (Audio) by TWiT

Windows Weekly (Audio)

887 Listeners

Tech News Weekly (Audio) by TWiT

Tech News Weekly (Audio)

1,073 Listeners

Intelligent Machines (Audio) by TWiT

Intelligent Machines (Audio)

780 Listeners

The a16z Show by Andreessen Horowitz

The a16z Show

1,091 Listeners

Daily Tech News Show by Tom Merritt

Daily Tech News Show

1,393 Listeners

Smashing Security by Graham Cluley

Smashing Security

319 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

244 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

63 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

98 Listeners