Software supply chains were front-and-center for The New Stack long before COVID-19-related self-isolation directives disrupted the delivery of physical goods. We created a four-question poll that will continue to inform our reporting around changing roles and responsibilities in securing the software pipeline.
How continuous integration and continuous delivery (CI/CD) pipelines should address security is a perennial hot topic. In fact, there isn’t even agreement about whether or not the security of the pipeline can be assessed as an integrated unit.
As security continues to “shift left,” the issue of tooling has become a point of contention among developers, DevOps and information security teams. We delve into this subject by asking who is responsible for selecting these tools and to what extent they are actually being used. Finally, we ask if the teams managing applications actually have any incentive to make sure the code has as few vulnerabilities as possible.
The New Stack plans to conduct more mini-surveys to provide data-informed context for future editorial coverage. All data from the report will be made publicly available. If you or your company are interested in conducting more in-depth survey research about cloud native topics, please reach out to Lawrence Hecht.