Epic Failures In Devsecops
Download Epic Failures In Devsecops PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Epic Failures In Devsecops book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Epic Failures in Devsecops
We learn more from failures than we do from successes. When something goes as expected, we use that process as a mental template for future projects. Success actually stunts the learning process because we think we have established a successful pattern, even after just one instance of success. It is a flawed confirmation that "This is the correct way to do it," which has a tendency to morph into "This is the only way to do it."Real learning comes through crisis.If something goes wrong, horribly wrong, we have to scramble, experiment, hack, scream and taze our way through the process. Our minds flail for new ideas, are more willing to experiment, are more open to external input when we're in crisis mode.The Genesis of an IdeaThat's where the idea for this book came from. When I was in Singapore for DevSecOps Days 2018. Edwin Kwan, Stefan Streichsbier and DJ Schleen were swapping war stories over a couple of beers.The conclusion of their evening of telling tales was the desire to find a way to get those stories out to the community. They spoke with me about putting together a team of authors who would tell their own stories in the hope of helping the DevSecOps Community understand that failure is an option.Yes. You read that right. Failure is an option.Failure is part of the process of making the cultural and technological transformation that needs to happen in order to keep innovating. It is part of the journey to DevSecOps. The stories presented here aren't a roadmap. What they do is acknowledge failure as a part of the knowledge base of the DevSecOps Community.The days of stand-alone security teams isolated from the real process of development are coming to an end. Paraphrasing Caroline Wong, "Security needs to be invited to the party, not perceived as a goon standing at the front door denying admission." With DevSecOps, security is now part of the team.After reading these stories, we hope you will realize you are not alone in your journey. Not only are you not alone, there are early adopters who have gone before you, not exactly "hacking a trail through the swamp,"but at least marking the booby traps, putting flags next to the quick-sandpits and holding up a 'Dragons be here' sign at perilous cave openings
Epic Failures, Volume 2
Authors: Chris Riley, Dr. Cherry Vu, Eliza-May Austin, Marc Cluet, Jaclyn Damiano, Rob England, Jasmine James, Sladjana Jovanovic, Ryan Lockard, Larry Maccherone, Bill McArthur Another year, another nine failures. That's just the way it goes when you ask to hear stories about Epic Failures. Everybody's got one. Last year, in 2019, when we published the first Epic Failures book, we had no idea whether anyone would be interested. Thousands of downloads later, with literally thousands of printed books being handed out at conferences, we now know the truth: the community loves failure. At least hearing about other people's failures. Volume Two builds on the momentum created by Volume One. The quality of this set of stories is outstanding, starting with "Question Everything" by the DevSecOps Contrarian herself, Eliza May Austin. Larry Maccherone, "SHIFT Left. NOT S#!T Left", runs through a list of six ways to fail on a project, while "Making Everyone Visible In Tech" by Jaclyn Damiano tells a personal story of life transformation through tech. Sladjana Jovanovic and Bill McArthur from TD Bank take on the Herculean task of breaking down silos to create a collaborative environment in "Collaboration vs Silos". "What Not to do When Rolling out DevSecOps and Other Learnings" comes from Jasmine James in her work as an IT Manager at Delta Airlines. Marc Cluet takes on cultural transformation, "Cultural Approaches to Transformations: Staying Safe and Healthy", while Ryan Lockard focuses on "The Seven Deadly Sins of DevSecOps". Chris Riley asks us the meme inducing question, "Did you try turning it off and on?" when examining simple bugs that have debilitating outcomes, and we finish with IT Sceptic Rob England and Dr Cherry Vu encouraging us to "Kill the Restructure". One of the motivations for publishing a book like this is for you, the reader, to be able to self-identify with the stories. It is our hope that you will see yourself somewhere within these pages and know you did not screw things up on your own, you are not unique when it comes to hosing a project, and sometimes you can sit back and laugh after it's all over. It's important to be able to step back and get perspective when something goes wrong, and even better to let others know what happened.I'm proud to give these authors the chance to tell their stories and hope it encourages you to let others know about your Epic Failures. Who knows? You might end up telling your story in Volume 3 of Epic Failures in DevSecOps. Best wishes on your next productive failure. Mark Miller, January 2020 Founder and Editor, Epic Failures in DevSecOps Co-founder, All Day DevOps
DevOps for Compliance: Building Automated Compliance Pipelines for Cloud Security
Author: Deepak Antiya
language: en
Publisher: Xoffencer international book publication house
Release Date: 2024-12-30
DevSecOps is a cultural change aiming to integrate security into the rapid- release cycles typical of modern software application development and delivery, known as DevOps. The ultimate goal of DevSecOps is to have development, security, and operations teams working together to create business value through the fast delivery of secure software using a process of continuous security. This integration is a concept that the IT industry has long wrestled with but has become possible only today due to the many evolutions the software engineering industry has undergone in the last 20 years. The Agile and DevOps movements promoted the necessary culture and tools needed to bring DevSecOps into life. This chapter explores what DevSecOps is, what we secure, and the benefits of DevSecOps adoption. It concludes with common misconceptions about the term. I hope that by the end of the chapter, you will be able to understand the difference between DevSecOps, continuous security, and security as code