DevOps / Security

The New Stack Context: The Secret of Successful DevSecOps Shops

10 Apr 2020 1:54pm, by

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with Derek Weeks, vice president at Sonatype, about the results of a new community survey the company just released on DevSecOps that provides some insights on how teams are incorporating automated security tools and how that shift affects company culture and developer happiness.

TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson.

Subscribe: SoundCloud | Fireside.fm | Pocket Casts | Stitcher | Apple Podcasts | Overcast | Spotify | TuneIn

Sonatype’s Nexus open source governance platform helps more than 1,000 organizations and 10 million software developers simultaneously accelerate innovation and improve application security. This is the seventh year that Sonatype has done this DevSecOps report, and, according to the company, it’s the longest-running community survey on this topic. We discuss with Weeks how the practice of DevSecOps changed since the company started doing the survey, and the challenges organizations face in embedding security within their DevOps practices. We also ponder the reasons behind the puzzling finding that those companies with mature DevSecOps actually have more security breaches.

Then later in the show, we discuss some of the hottest news and podcasts from The New Stack. Our interview with Sysdig’s Kris Nóva delves into cloud native infrastructure and the fallout in San Francisco from COVID-19.  Also on the docket: The Cloud Foundry Foundation has announced that its long-time chief technology officer, Chip Childers, is assuming the role of executive director as of April 2, replacing Abby Kearns. We offer advice on how to protect your next meeting from Zoombombing. And finally, we chat about how open source has expanded beyond software to help with COVID-19-based shortages of ventilators:  An MIT-affiliated team of expert volunteers have released designs for an open source “emergency ventilator” that could be built for as little as $500, much less expensive than the $30,000 required to purchase a new commercial model.

Sonatype is a sponsor of The New Stack.

A newsletter digest of the week’s most important stories & analyses.

View / Add Comments

Please stay on topic and be respectful of others. Review our Terms of Use.