EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security

Topics covered:

• How did you get involved with this year’s Accelerate State of DevOps Report (DORA report)?
• So what is DORA and why did you decide to focus on supply chain security for the 2022 report?
• What are the big learnings from this year’s report?
• What’s the difference between SLSA and SSDF? Is one spicy and the other savory? How’re companies adopting these and how is adoption going? 
• Are there other areas that DevOps can be a contributor in the overall security landscape? 
• How can CISOs rope DevOps fully into their security gang?
• Operationally, how should security and developers and DevOps come together to keep vulnerabilities out in the first place?
• How should security and developers and DevOps come together to respond quickly to vulnerabilities when they’re discovered?
• How do security and developers and DevOps come together to prove to their auditors and customers that they’re doing a good job of the above?