Tanya

Safety and Preparation for Hacker Summer Camp

Every August, hackers descend on Las Vegas, Nevada to participate in #HackerSummerCamp, a combination of multiple cyber security/hacker events that occur simultaneously. There are several events, but the main ones you are likely to hear about are Black Hat, Def Con, B-Sides Las Vegas and the Diana Initiative. #HackerSummerCamp is just the affectionate nickname, it …

Security is Everybody’s Job — Part 6 — The Second Way

The Second Way of DevOps is fast feedback. In security, when we see this we should all be thinking the same thing: Pushing Left. We want to start security at the beginning of the system development life cycle (SDLC) and ensure we are there (providing feedback, support and solutions) the whole way through! Fast feedback …

Security is Everybody’s Job — Part 4 — What is DevSecOps?

In this post we will explore The 3 Ways of DevOps. But first, a definition from a friend. “DevSecOps is Application Security, adjusted for a DevOps environment.” –Imran A Mohammed. DevSecOps is the security activities that application security professionals perform, in order to ensure the systems created by DevOps practices are secure. It’s the same …

Security is Everybody’s Job — Part 3 — What IS DevOps?

What IS DevOps? There are many definitions of DevOps, too many, some might say. Some people say it’s “People, Processes, and Products”, and that sounds great, but I don’t know what I’m supposed to do with that. When I did waterfall I also had people, processes, and products, and that was not great. I thought …

Security is Everybody’s Job — Part 2 — What is Application Security?

“Application Security is every action you take towards ensuring the software that you (or someone else) create is secure.” –Tanya Janca. This can mean a formal secure code review, hiring someone to come in and perform a penetration test, or updating your framework because you heard it has a serious security flaw. It doesn’t need …
