January 05, 2022

DevSecOps in 2022 with Jess Dodson

Listen Later

39 minutes

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Links:

Power Apps
Azure Sentinel
Software Bill of Materials
Configuration Management Database

Recorded December 20, 2021

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

RunAs Radio

By Richard Campbell

4.6

8080 ratings

January 05, 2022

DevSecOps in 2022 with Jess Dodson

Listen Later

39 minutes

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Links:

Power Apps
Azure Sentinel
Software Bill of Materials
Configuration Management Database

Recorded December 20, 2021

...more

More shows like RunAs Radio

This Week in Tech (Audio) by TWiT

This Week in Tech (Audio)

3,012 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

1,981 Listeners

Hanselminutes with Scott Hanselman by Scott Hanselman

Hanselminutes with Scott Hanselman

377 Listeners

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

37 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

244 Listeners

MacBreak Weekly (Audio) by TWiT

MacBreak Weekly (Audio)

2,011 Listeners

Windows Weekly (Audio) by TWiT

Windows Weekly (Audio)

868 Listeners

Risky Business by Patrick Gray

Risky Business

364 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

640 Listeners

Intelligent Machines (Audio) by TWiT

Intelligent Machines (Audio)

735 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

283 Listeners

Tech News Weekly (Audio) by TWiT

Tech News Weekly (Audio)

1,072 Listeners

The Cloudcast by Massive Studios

The Cloudcast

154 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

63 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

91 Listeners