FedSearch
Jay Cuthrell · @jay
107 followers · 478 posts · Server cuthrell.com

#chaos #chaosengineering #faulttolerance #faultfinding #faultinjection #securityengineering #dataops #dataoperations #ai #resiliency #devx #devops #devsecops #platformengineering #platformengineer #cloudinfrastructure #securityautomation #securitybydesign #shiftleft #shiftup #newsletter #newsletters

Last updated 1 year ago
Original post

Jay Cuthrell · @jay
103 followers · 438 posts · Server cuthrell.com

#fuzzing #fuzztesting #fuzzylogic #fuzzball #fuzzy #platformengineering #platformengineer #toolchains #attestation #softwaresupplychain #softwaresupplychainsecurity #dast #owasp #waf #cncf #aif #artificialintelliegence #machinelearningmodels #cloudinfrastructure #securityautomation #securitybydesign #scanning #defenseindepth #shiftleft #newsletter #newsletters

Last updated 1 year ago
Original post

Stella Varvarigou · @stella
9 followers · 9 posts · Server foojay.social

Last December I gave my first talk at Open Conf (open-conf.gr/) about what it means to shift security left and why this is important, along with some best practices.
You can now watch it here.

youtube.com/watch?v=Z-jtOjCkfb

I am really interested about your thoughts and your experience on this matter. Please feel free to share your ideas.

#appsec #applicationsecurity #security #shiftleft #openconf22

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
127 followers · 85 posts · Server infosec.exchange

My article just scratches the surface. Be sure to check out the presentations and videos of the sessions that are now posted events.linuxfoundation.org/clo 2/2

#CNSCon #devsecops #cloudsecurity #kubecon #shiftleft #cncf #openssf

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
127 followers · 84 posts · Server infosec.exchange

Really enjoyed a few weeks ago in Seattle. ICYMI: here are my top takeaways bit.ly/3K6k5T7 via @SearchSecurity

#cloudnativesecuritycon #CNSCon #devsecops #cloudsecurity #kubecon #shiftleft #cncf #openssf

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
118 followers · 69 posts · Server infosec.exchange

My latest blog post is about top security initiatives for effective . Check it out here:
5 ways to enable secure software development in 2023 bit.ly/3HtMfWs via @SearchSecurity

#cloudsecurity #devsecops #cloudnative #appsec #infosec #shiftleft #apisecurity

Last updated 2 years ago
Original post

Ben Stroz6i · @stroz
135 followers · 801 posts · Server infosec.exchange

Went ahead and fixed the cert for the SecDevSecOpsSec site and added a flat hmtl index.

No content, haven't quite decided on that yet. For now, just a silly domain

secdevsecopssec.com/

#devsecops #secdevops #devopssec #secdevsecopssec #devopssecurity #shiftleft #shifteverywhere #sdsos

Last updated 2 years ago
Original post

PartHaircut · @PartHaircut
59 followers · 117 posts · Server infosec.exchange

Pen testing is the “easy part”. Every week I get offers from companies specialising in Penetration Tests.

No one is ever banging on my door telling me about how they are going to support the dev teams to comprehensively understand how each detail in their job impacts the end product security.

Not saying pen tests are useless. They form an important part of the process. It’s just not the hard bit.

#cybersecurity #infosec #devsecops #pentest #humancentredsecurity #securedevelopment #cyber #expandleft #shiftleft

Last updated 2 years ago
Original post

Paul Reynolds :verified: · @ren
66 followers · 12 posts · Server infosec.exchange
Open media

Another of my efforts from the Wiz Academy - DevOps + Security + DevSecOps. Shift-Left and put security first 🔒

wiz.io/academy/moving-from-dev

#cybersecurity #cloudsecurity #devops #devsecops #shiftleft

Last updated 2 years ago
Original post

Emily Gladstone Cole · @Emily
217 followers · 198 posts · Server infosec.exchange

I'm still disappointed that didn't sign with the . It would have allowed me to make a bunch of joke about that only people who understand both and would actually understand. So I'll leave this here, in case anyone's interests intersect the same way mine do.

#carloscorrea #sfgiants #shiftleft #brandoncrawford #baseball #infosec

Last updated 2 years ago
Original post

brent · @brent
0 followers · 6 posts · Server seo.chat

@fili thanks for the boost! Same question for you if you have a little time to opine: What's a challenging area of enterprise SEO we should explore?

I used to work in telemetry/observability and see many parallels to SEO, without the corresponding fancy tooling.

Things I'm asking a lot of questions about:
- large scale AB testing
- SEO and client side rendering
- bringing SEO closer to developer workflows ()

Anyway. Any nudge in the right direction helps us build useful things!

#shiftleft

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
35 followers · 9 posts · Server infosec.exchange

#infographic #devsecops #infosec #cybersecurity #cloudsecurity #developersecurity #shiftleft #cloudsecurityoperations

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
113 followers · 59 posts · Server infosec.exchange

#infographic #devsecops #infosec #cybersecurity #cloudsecurity #developersecurity #shiftleft #cloudsecurityoperations

Last updated 2 years ago
Original post

Mike Gifford · @mgifford
802 followers · 269 posts · Server mastodon.social

Sheri Byrne-Haber presents How (and why) to 'shift-left' your accessibility testing youtube.com/watch?v=UmPBLoJI3j

#accessibility #shiftleft

Last updated 2 years ago
Original post

Romano Roth · @romanoroth
11 followers · 10 posts · Server fosstodon.org
Open media

𝐃𝐞𝐯𝐎𝐩𝐬 Keynote at Baloise OpenX Day 2022

In today's world, everybody wants to do DevOps. But why? What problems are we trying to solve? Together we will take a step back and look at how you can architect for continuous delivery.

Thank you Michael Mühlebach and Joachim Prinzbach for the excellent organization.

👉link to video🎞️ : youtu.be/ssA9pxvdJfQ

#devops #valuestreammapping #shiftleft #devsecops #keynote

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
10 followers · 3 posts · Server infosec.exchange

ESG Data Point of the Week from my research on and security: 83% of organizations have seen an increase in misconfigurations with infrastructure-as-code (IaC) usage
esg-global.com/data-point-of-t

#gitops #shiftleft #devsecops #cloudsecurity

Last updated 2 years ago
Original post

Melinda Marks · @melindamarks
113 followers · 59 posts · Server infosec.exchange

ESG Data Point of the Week from my research on and security: 83% of organizations have seen an increase in misconfigurations with infrastructure-as-code (IaC) usage
esg-global.com/data-point-of-t

#gitops #shiftleft #devsecops #cloudsecurity

Last updated 2 years ago
Original post

erullmann · @erullmann
6 followers · 11 posts · Server infosec.exchange

Something I’ve been thinking about a lot lately is how to use interface design and types to on . Under strongly typed systems you can do things like forcing validation of data before accepting as input, centralize and enforce the correct checking of permissions, and stop the logging of sensitive data. Combine this with strong static analysis and you can enforce these rules as code as written, preventing security flaws from being written in the first place.

#shiftleft #security

Last updated 2 years ago
Original post

Geoffrey Dunn · @agilegeoff
80 followers · 228 posts · Server aus.social

To share some content (and perhaps balance out my hiring post). Here's a post I wrote some time ago about Holistic Testing (aka Shift-Left) team-agile.com/2018/10/08/test

#testing #shiftleft #holistictesting

Last updated 2 years ago
Original post