2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!
Links:
Recorded December 20, 2021
Fler avsnitt av RunAs Radio
Visa alla avsnitt av RunAs RadioRunAs Radio med Richard Campbell finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
