This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-10-15
Channels
- # ask-the-speaker-track-1 (437)
- # ask-the-speaker-track-2 (251)
- # ask-the-speaker-track-3 (122)
- # ask-the-speaker-track-4 (136)
- # bof-american-airlines (3)
- # bof-arch-engineering-ops (3)
- # bof-covid-19-lessons (1)
- # bof-cust-biz-tech-divide (26)
- # bof-leadership-culture-learning (6)
- # bof-next-gen-ops (1)
- # bof-overcoming-old-wow (3)
- # bof-project-to-product (3)
- # bof-sec-audit-compliance-grc (11)
- # bof-transformation-journeys (4)
- # bof-working-with-data (1)
- # demos (57)
- # discussion-connect-february (1491)
- # games (41)
- # happy-hour (162)
- # help (96)
- # hiring (12)
- # itrev-app (10)
- # lean-coffee (65)
- # networking (16)
- # project-to-product (3)
- # summit-info (199)
- # summit-stories (60)
- # xpo-atlassian (1)
- # xpo-delphix (48)
- # xpo-gitlab-the-one-devops-platform (2)
- # xpo-infosys-enterprise-agile-devops (2)
- # xpo-instana (3)
- # xpo-itrevolution (1)
- # xpo-launchdarkly (10)
- # xpo-moogsoft (3)
- # xpo-muse (9)
- # xpo-nowsecure-mobile-devsecops (3)
- # xpo-opsani (5)
- # xpo-optimizely (1)
- # xpo-pagerduty (18)
- # xpo-pc-devops-qualifications (5)
- # xpo-planview-tasktop (4)
- # xpo-plutora-vsm (1)
- # xpo-redgatesoftware-compliant-database-devops (9)
- # xpo-servicenow (1)
- # xpo-snyk (2)
- # xpo-sonatype (8)
- # xpo-split (9)
- # xpo-sysdig (25)
- # xpo-teamform-teamops-at-scale (6)
- # xpo-transposit (4)
Hi everyone! I’m going to be the host for today’s Security-Audit-Compliance-GRC session. Looking forward to talking with you all as this is always an exciting topic: Here’s the Zoom info for BOF session starting at 245pm PT / 545pm ET: https://sonatype.zoom.us/j/98357181714 Meeting ID: 983 5718 1714 One tap mobile <tel:+13017158592,,98357181714#|+13017158592,,98357181714#> US (Germantown) <tel:+13126266799,,98357181714#|+13126266799,,98357181714#> US (Chicago)
Great article we were discussing: https://cacm.acm.org/magazines/2018/4/226371-lessons-from-building-static-analysis-tools-at-google/fulltext
what about state when development has different tool preference compared to global enteprise security in the tool choice? Any experience? Development might prefer "easy to use" tools but it might not be the same preference of enterprise security. Is it the tool realy developers choice?
need to leave, thanks @weeks. you answered my question, we need to start more interaction between dev and enterprise security (eg. use security developer as proxy)
Nygard’s book: https://myresources.itrevolution.com/id006657043/DevOps-Automated-Governance-Reference-Architecture
@aries which was the other tool you mentioned in this space?
new busineses should focus on “automating IT problems”
Also worth checking out this DevSecOps reference architecture: https://www.sonatype.com/referencearchitecturetestdrive