DevSecOps in 2022 with Jess Dodson

About Show #809

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Links:

Recorded December 20, 2021

 

Jess Dodson, Customer Engineer with Microsoft Australia, focus on Identity and Security. If you've run into GirlGerms online, chances are you've spoken to Jess!
 

Show Comments

blog comments powered by Disqus