In the vein of bestselling titles The Phoenix Project and The Unicorn Project, Investments Unlimited will help organizations radically rethink how they handle audit, compliance, and security for their software systems. By introducing concepts, tools, and ideas to reimagine governance, this book will catalyze a more humane way to enable high-velocity software delivery that inspires trust and is inherently more secure. Read the sneak peek of this upcoming book in this post. Susan Jones had been … [Read more...]
Gene Kim’s Audit and Security Playlist
“How does DevOps ideally interact with information security and compliance?”This is a problem that was extensively explored in The Phoenix Project, and I have learned so much about the amazing ways that solutions can be found. Here are my favorite videos that describe how information security has shifted from being viewed as a burdensome obstacle to people helping everyone across the organization.The Audit Mythbusting Panel (DevOps Enterprise Summit - Las Vegas 2019)If you think that … [Read more...]
Three Papers to Boost Audit/Security in DevOps
An Unlikely Union: DevOps and Audit Information Security and Compliance Practices Many organizations are adopting DevOps patterns and practices, and are enjoying the benefits that come from that adoption: More speed. Higher quality. Better value. However, many organizations often get stymied when dealing with information security, compliance, and audit requirements. There seems to be a misconception that DevOps practices won’t work in organizations which are under SOX or PCI regulations. In this … [Read more...]