Security Talks podcast!
Trying some new media: Security Talks podcast! https://rss.com/podcasts/securitytalks1/480628/
Building an Engineering Culture to Get Things Done
Now that we are in full transition from ‘Dev’ and ‘Ops’ as separate entities to the BizSecDevOps way of working, we will be able to empower platform and product teams to create a better IT experience. But with power comes responsibility. What we really need, is an engineering mindset focused on code as the basis …
Egress filtering: you need it!
Security in IT utilises the concept of “assume that you have been breached”. This means that applications and their related infrastructure should be setup in such a way that the impact of a real breach is minimised by making life difficult once an attacker has broken through the defences. Earlier, enablement of infrastructure had months …
Why build your own multi-cloud developer platform?
Multi-cloud, combined with Kubernetes (K8s) container technology offers an interesting approach for financials to accelerate innovation. Best practices for solutions of this kind can be found in other industries. A cross-platform approach when building a self-service environment for product teams ensures long-term flexibility. Another pointer is that it may be important that standardization is encouraged …
Reflections on the DORA metrics validity
Accelerate: The Science of DevOps – Building and Scaling High Performing Technology Organizations (2018) had a huge impact in the technology industry. The book describes models of DevOps capabilities and culture, and how organizations can drive improvement in software delivery and reliability. What most people remember from the book, and the largest impact it’s had on …
Agile is a mindset, not a religion
Quite a few organizations ‘preach’ agile. To be fair, results that have been achieved with agile – also at ING – speak for themselves. However, dogmatically sticking to agile rituals can backfire if it results in less flexibility. This is why we should occasionally ask ourselves the following question: why do we actually work agile? …
Why we ‘shift-left’ with SecDevOps
Why we ‘shift-left’ with SecDevOps How safe is my bank? With cybercrime on the rise, financial consumers are – rightfully – concerned about the security systems of the organizations they put their trust in. The way we build our core banking systems should reflect these concerns. In fact: we should always strive to be named …
How SLOs and error budgets can help improve reliability
An interesting read on practical tools that help DevOps teams balance operational issues and the pursuit of perfection Via InfoWorld: https://www.infoworld.com/article/3626374/how-slos-and-error-budgets-improve-app-reliability.html
2021 Puppet State of DevOps report; most organizations are “stuck in the middle” with their DevOps evolution.
The following write-up describes the impact of team structures and communication when it comes to DevOps transformation. I strongly agree with their statement that ‘Too often Agile and Continuous Delivery optimize the flow of work, not necessarily the flow of customer value. By themselves they lack a way to connect what you’re doing with why …
Build your library: Engineering Management Books
A nice start to your library whenever moving towards a management role in software: https://caitiem.com/2020/12/28/recommended-engineering-management-books/