
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
Some might hate me for saying it, but DevOps can sometimes be a bit of a politics game. When you’re working deep in the trenches, it can be difficult to convince upper management on where you should be spending your time in terms of new functionality and never-ending bug fixes.
Yesterday during a RSA 2016 session on rugged DevOps, I learned about a neat web utility from Joshua Corman (@joshcorman), CTO of Sonatype, a company that focuses on software supply chain management. He’s also a great person to follow if you’re looking to learn more about DevOps and security best practices.
This free online calculator helps calculate developmental waste in your projects. Corman described that today’s software development is similar to a supply chain, where software is built with several different components. Sonatype states that the challenge is “knowing which components you are using, where they are used and which ones have security vulnerabilities, license or quality issues.”
To better understand this, you can play around with the calculator to interpret how much technical debt you’re racking up for these security vulnerabilities. It’s common to hear management or clients that demand new functionality, while fixes are put on the backburner. But with this free tool, you at least have some numbers to put things into perspective and engage in a thoughtful discussion on what needs to change. I hope that this tool sparks some valuable discussion where quality, security, and agility can be improved for your products and services.
Stay tuned for more updates from RSA 2016. Feel free to let me know your thoughts about this tool in the article comments or reach out via Twitter (@blair_greenwood).
More in Security
Logpoint's Converged SIEM Platform Adds New Case Management Interface and Other New Features
Mar 30, 2023 | Laurent Giret
Microsoft's New Security Copilot Tool Uses GPT-4 to Quickly Respond to Threats
Mar 28, 2023 | Rabia Noureen
CISA Releases New Free Tool to Identify Threats in Microsoft Cloud Services
Mar 24, 2023 | Rabia Noureen
Microsoft Defender for IoT Gets Cloud-Powered Security Features to Protect Enterprise Networks
Mar 21, 2023 | Rabia Noureen
Azure Firewall Basic Now Available to Protect Small Businesses Against Cyberattacks
Mar 16, 2023 | Rabia Noureen
Microsoft Releases Updates to Patch Critical Outlook NTLM Vulnerability
Mar 16, 2023 | Rabia Noureen
Most popular on petri