RunAs Radio

DevSecOps in 2022 with Jess Dodson

01.05.2022 - By Richard CampbellPlay

Download our free app to listen on your phone

Download on the App StoreGet it on Google Play

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed! Links:Power AppsAzure SentinelSoftware Bill of MaterialsConfiguration Management DatabaseRecorded December 20, 2021

More episodes from RunAs Radio