Latest Blogs About "DevSecOps"

104 total posts.

4 Min Read
7 Ways Business Processes Have Changed the Need for Security

Travis Wilkins

October 5, 2017

Considering how fast every facet of business is changing today, the job for Security teams has become much more complex — and critical. Not only ...

4 Min Read
Shifting to High-Velocity Cloud Security Operations

Venkat Pothamsetty

September 15, 2017

How to compress Mean Time To Resolution (MTTR) and drive operational efficiency Slashing MTTR is one way of shifting into a high-velocity security ...

2 Min Read
VPNNotify: A VPN Notification bot for Slack

Pat Cable

September 5, 2017

In an earlier post, we talked about how we implemented centralized authentication at Threat Stack. This project initially allowed us to create ...

5 Min Read
How to Use Automation to Decrease Mean Time To Know

Anthony Alves

July 13, 2017

Mean Time To Know (or MTTK for short) is one of the most important metrics in security operations. It measures how efficient the security team is at ...

4 Min Read
5 Pieces of Advice for Navigating the Security Culture Shift

Natalie Walsh

June 19, 2017

As security threats become a bigger part of the day-to-day concerns at all types of organizations, it has become vital to inculcate and promote a ...

5 Min Read
How to Leverage Automation to Make Your Organization Secure by Design

Bob Allin

May 24, 2017

Yesterday, we co-hosted a webinar with Amazon’s security strategist, Tim Sandage, and SessionM’s director of technical solutions and operations, ...

2 Min Read
Authkeys: Making Key-Based LDAP Authentication Faster

Pat Cable

April 21, 2017

Authkeys, Threat Stack’s new open source tool, performs LDAP lookups of SSH keys without the need for using scripts or other interpreted code. You ...

2 Min Read
Balancing Security and Your On-Call Rotation Using Deputize

Pat Cable

April 14, 2017

Threat Stack, like many other Software-as-a-Service providers, has an on-call rotation. During any week, two members of our engineering organization ...

4 Min Read
Resources for DevOps Pros to Learn About Security

Tom McLaughlin

April 6, 2017

These days, security should be part of everyone’s job. This is especially true for DevOps teams, which are responsible for developing, delivering, ...

8 Min Read
Ask Us Anything: Recap on How to Get Started With DevOpsSec

The Threat Stack Team

March 15, 2017

You’re probably familiar with DevOps by now. It’s the collaboration between Development and Operations teams by leveraging the same tools and ...

3 Min Read
DevOpsing at Home

Vitaliy Zakharov

March 13, 2017

I remember the days when SysAdmins bragged about server uptimes that were sometimes measured in years. I have been out of the SysAdmin world for ...

3 Min Read
How to Use Ops Tools for Security and Security Tools for Ops

Tim Armstrong

February 17, 2017

Investing in SecOps doesn’t just mean hiring folks who know how to blend together software development, IT operations, and security skillsets. It ...

5 Min Read
Parsing Simple Grammars in Scala With parboiled2

Ryan Plessner

January 25, 2017

parboiled2 is a Macro-Based PEG Parser Generator written in Scala. It has become our preferred tool for creating parsers for simple grammars. It ...

2 Min Read
Why You Can’t Wait Until a Security Person is Hired

Tim Armstrong

January 11, 2017

Organizations wait to implement security solutions for a variety of reasons. One that we often hear is that they’re looking to land that cloud ...

4 Min Read
3 Ways Businesses Can Address IoT Security Failures

Tim Armstrong

January 5, 2017

I watched a Twilight Zone marathon over the New Year’s weekend, and it got me wondering about today’s Internet of Things (IoT). Are “Things” ...

6 Min Read
Test Systems: The Soft Underbelly of System Security

Apollo Catlin

December 22, 2016

Test systems are the guts of your overall system design. Test systems embody an incredible amount of the history of how your team’s code and ...

4 Min Read
Securing User Credentials With the YubiKey 4

Pat Cable

December 20, 2016

I’m a big fan of the YubiKey 4. The YubiKey is a security device that originally outputted a 44-character “one time password” that could be ...

2 Min Read
Unit Testing With Webpack & Mocha

Vitaliy Zakharov

December 19, 2016

After moving our build infrastructure to webpack, one of the hurdles we had to overcome was finding a good way to run unit tests. Quite a few ...

4 Min Read
Vulnerabilities and Exploits: What You Need to Know

Tim Armstrong

December 12, 2016

Exploits feed on vulnerabilities. Vulnerabilities, in turn, pave the way for exploits. These closely related security concepts are often confused, ...

4 Min Read
4 Ways to Make Tech Debt Great Again

Lucas DuBois

December 6, 2016

The cursor blinks steadily as you stare at a line of code that seemingly serves no purpose. You’re trying to fix a bug that is clearly manifested ...

5 Min Read
5 Things Security Can Learn From Operations’ Transition Into DevOps

Tom McLaughlin

December 2, 2016

Over the past couple of years, a discussion has been brewing in the Security community about the future of its work. On one hand, the need for a ...