Best Practices Across the DevSecOps Lifecycle

Twistlock sponsored this podcast.
DevOps has been with us for several years now and is becoming increasingly entrenched within the enterprise. Yet the speed and elevation that the practice offers can be at odds with maintaining an organization’s security posture, which means ensuring that systems have no vulnerabilities and meet compliance requirements, work that can take time to complete. Can a business do both?
To help answer this question, we assembled a panel of experts at KubeCon + CloudNativeCon EU last month. Our guests are:
- Dirk Herrmann, Principal Product Manager, Red Hat,
- John Morello, Chief Technology Officer, Twistlock,
- Murugiah Souppaya, Computer Scientist, National Institute of Standards and Technology.
“The biggest shift with DevOps is how do you integrate the teams, if they’ve been siloed within the organization? How do you get them not just to collaborate, but to thoughtfully build tooling that enables both functions to work more productively by sharing information between them?” Morello said.
TNS Managing Editor Joab Jackson hosted this episode.
Red Hat is a sponsor of The New Stack.
In This Edition:
2:27: DevOps and Security.
7:33: Challenges.
11:56: The Zero-Trust model.
15:29: More on Zero Trust.
16:08: Whitelisting and the least-privilege principle.
18:37: NIST guidelines.