Skip to content

Security

Dev is Prod

Everyone’s shifting left

It seems like everybody is shifting to CI/CD. Hopefully, they are involving security (‘shifting left’ on security), and security is engaging.

Discussions around security and CI/CD focus on security of the product under development, rather than details of the development tooling.
DevSecOps focuses on mitigating bugs and security problems early in the development lifecycle at best, and vulnerability scanning container artifacts as part of a deployment pipeline at worst (while still a net positive step). The data shows shifting security left in this fashion is a solidly positive impact for organizations 2.

ShmooCon 2020

Traditions

ShmooCon 2020 was a fun mix of business and pleasure for me. This was my 15th(!?!?!) ShmooCon, and the 16th in total. I don’t know that I’ve gone to any other event as often. It’s now been so many years that my group of friends has traditions: - Le Mirch for Indian at least one night - Krispie Kreme delivered on Saturday night around 1-2am for post party friend making - and staying up way later than normal, hacking on projects and chatting in the hotel lobby.