#NoDrama DevOps
  • Blog
  • About
  • Knowledge Base
    • Agile and DevOps
    • Containers
    • Cloud Security
    • Docker
    • State of App Secret Delivery
    • Strategy
  • Subscribe
Select Page

RSA Conference 2020: A DevOps Perspective

by Stephen Kuenzli | Mar 6, 2020 | DevOps, Risk, Security

I attended two and a half days of the RSA security conference last week and I’d like to share my first-timer perspective with you. Summary The opening keynote challenged Information Security to reorganize to collaborate better with users, business, risk, and IT...
Computing a Risk Estimate using Netflix’s riskquant

Computing a Risk Estimate using Netflix’s riskquant

by Stephen Kuenzli | Feb 13, 2020 | AWS, Cloud, DevOps, Risk

RT: 5 minutes Modeling Risk in Cloud Deployments described how to estimate and record threat impact and likelihood information in tags applied to Cloud resources such as databases and object stores. You can compute the risk of those threats by plugging that impact and...

Modeling Risk in Cloud Deployments

by Stephen Kuenzli | Feb 10, 2020 | AWS, DevOps, Risk, Security, Systems

Information Security risks are those risks “that arise from the loss of confidentiality, integrity, or availability of information or information systems and reflect the potential adverse impacts to organizational operations, organizational assets, individuals,...

Modeling Security in Cloud Deployments

by Stephen Kuenzli | Feb 5, 2020 | AWS, Cloud, DevOps, Risk, Security, Systems

Cloud deployments often use tagging to describe the context of a compute or resource such as a who owns or what application a virtual machine or object storage bucket belongs to. However, the common resource tagging models in use don’t describe the context...
Research: Problems Engineers have Securing Cloud Deployments and ‘Shift Left’

Research: Problems Engineers have Securing Cloud Deployments and ‘Shift Left’

by Stephen Kuenzli | Jan 27, 2020 | Cloud, DevOps, Security

Shift Left, Photo by Nick Fewings I hit an obstacle on my way to extending the common resource tagging models with context to describe security and risk attributes. I couldn’t get past that while I feel this should be a settled engineering practice, it...

Research: Problems with top free security assessment tools (2020q1)

by Stephen Kuenzli | Jan 15, 2020 | AWS, Cloud, DevOps, Security

I’m researching how engineers assess the security posture of their Cloud deployments and evaluate risk to those deployments so they can improve it. Reading Time: 10 minutes The research starts with these questions: What’s the hardest part about assessing...
« Older Entries
Next Entries »

KEEP LEARNING

You have Successfully Subscribed!

Receive #NoDrama articles in your inbox whenever they are published.

 

Reply to Stephen and the QualiMente team when you want to dig deeper into a topic.

  • Twitter
nodramadevops.com by QualiMente