[Note that this is a slightly abbreviated version (yes, really…) of the original. The original only went to the subscribers to my daily email tips, but you can get all the goodies too if you type your email in that box. You’ll always be the first to know what’s going on, and sometimes, it might […]
Is your SABSA stuck in the mud?
During the research I did last year reaching out to SABSA practitioners, one of the things that kept coming up over and over again was that people were having a really hard time trying to get started with SABSA in their own environments. And this isn’t just with people who take the course and try […]
Tossing the DevSecOps zombies over the waterfall
I get what the whole DevSecOps movement is trying to accomplish. I really do. Because they’re right: The “traditional” approach to security is well and truly broken. We have proof of this every day from the trenches, let alone the headlines. And so, we need to “Shift left!” “Shift left…shift left…shift left…” It’s a mantra. […]
