Back
#100
December 5, 2022

EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security

Guests:

27:27

Subscribe at Google Podcasts.

Subscribe at Spotify.

Subscribe at Apple Podcasts.

Topics covered:

  • How did you get involved with this year’s Accelerate State of DevOps Report (DORA report)?
  • So what is DORA and why did you decide to focus on supply chain security for the 2022 report?
  • What are the big learnings from this year’s report?
  • What’s the difference between SLSA and SSDF? Is one spicy and the other savory? How’re companies adopting these and how is adoption going? 
  • Are there other areas that DevOps can be a contributor in the overall security landscape? 
  • How can CISOs rope DevOps fully into their security gang?
  • Operationally, how should security and developers and DevOps come together to keep vulnerabilities out in the first place?
  • How should security and developers and DevOps come together to respond quickly to vulnerabilities when they’re discovered?
  • How do security and developers and DevOps come together to prove to their auditors and customers that they’re doing a good job of the above?

Do you have something cool to share? Some questions? Let us know:

View more episodes