GitLab’s Post

Tensions around measuring developer productivity is a hot topic which we revealed in our annual Global DevSecOps Report. 🔥 See what else we uncovered about the dev experience ⬇️ https://bit.ly/3xCtlKY

In this video, I talk about DevSecOps patterns, the practices and example of implementing DevSecOps in a software delivery pipeline.

Lot of people who have been doing DevSecOps for a couple of years swear by their tool chain consisting of at least 5 tools. But if you sit back and think about it, a couple of years ago that’s all you could do. Times have changed. Efficiency in the workflow for software development is here. Consolidate and embark on a new journey. Time for version 2.0 of DevSecOps. https://lnkd.in/ecDvTJeq

DevSecOps tools shouldn't create more problems than they solve. But with CloudBees, you can choose the tools you prefer, integrate smoothly, and scale without headaches. The result: Trustworthy pipelines producing software that is always worthy of release.

I’m excited to announce that I’ll be one of the panelists at the upcoming Secure Code Warrior event on DevSecOps Transformation! 🎉 Huge thanks to Secure Code Warrior for inviting me to discuss one of my favorite topics: DevSecOps transformation. This virtual and on-site event kicks off June 13th at 7:30am EDT and will cover a range of exciting topics, including: - The evolution of DevSecOps - Practical steps for transforming your security practices - Real-world success stories and lessons learned - Engaging discussions on the future of secure software development, including the use of GenAI in SDLC workflows Whether you're a developer, a security practitioner, or anyone involved in building software, this event is for you! Join us to gain valuable insights, share your experiences, and connect with like-minded professionals. Sign up now and be part of the conversation! Registration link in the comments. #devsecops #softwaresecurity #productsecurity #applicationsecurity #community #securityawareness

DevOpsDays DC will be hosting Nora Jones' (https://lnkd.in/erU6Hbfc) talk on How do we talk to each other? How surfacing communication patterns in organizations can help you understand and improve your resilience. As a system increases in inevitable complexity, it becomes impossible for a single operator to have a clear, unambiguous understanding of what's happening in the system. Understanding the system requires a joint effort between teammates and technology. Often, we are too focused on the single operator experience to improve this. In this talk, we will uncover how communication patterns in organizations can reveal how systems actually work in practice, vs how we think they work in theory -- and use this knowledge to improve the resilience of our systems. Get your ticket now! https://buff.ly/3qsQqM4

Calling all DevSecOps enthusiasts! If you missed Tanya Janca's talk "DevSecOps: More Than Just Pipelines" at the Conf42 DevSecOps Conference last year, fret not! You can watch the recording on YouTube here: 🔗 https://lnkd.in/g6EeraBT #DevSecOps

The JFrog Qwak CTO's are coming together in our next webinar to provide insights that could simplify your #MLOps. Learn about managing models as a package allowing developers to version, manage, & secure models in the same way other software package with DevSecOps best practices would be handled! 🔒 Register here: https://jfrog.co/3VX9dwm

In this case study, you'll learn how DoubleVerify's DevOps team used Kyverno to ensure critical workload protection, TLS compliance, and balancing developer ease with policy enforcement. More: https://lnkd.in/d9g2axSR