December 5, 2022
EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security
View more episodes
- How did you get involved with this year’s Accelerate State of DevOps Report (DORA report)?
- So what is DORA and why did you decide to focus on supply chain security for the 2022 report?
- What are the big learnings from this year’s report?
- What’s the difference between SLSA and SSDF? Is one spicy and the other savory? How’re companies adopting these and how is adoption going?
- Are there other areas that DevOps can be a contributor in the overall security landscape?
- How can CISOs rope DevOps fully into their security gang?
- Operationally, how should security and developers and DevOps come together to keep vulnerabilities out in the first place?
- How should security and developers and DevOps come together to respond quickly to vulnerabilities when they’re discovered?
- How do security and developers and DevOps come together to prove to their auditors and customers that they’re doing a good job of the above?