Software Security, from DevSecOps to SBOM (2 of 2)

Developers need love too! Advocating for developers isn’t new, but in a world where they're constantly under pressure to keep pace with the demands of digital transformation, expecting developers to care about security can create friction in many DevSecOps environments.

Studies suggest that security teams believe developers don’t take the security of applications seriously and will sacrifice security in favor of innovation. Shifting this perception requires strong collaboration combined with automating and integrating well-established security practices into developers' existing workflows.

Join us to discuss:

• Being a developer advocate.
• Building a culture that reduces friction in DevSecOps.
• Approaches for integrating security into developers daily activities.

It is hard to argue the bold declaration made over a decade ago that, "software is eating the world!", because software has become increasingly foundational to almost every aspect of our lives. We wake up to our smart device alarm on the device that likely put us to sleep the night before. During the day, we bounce from one software enabled device to another and probably don't really think twice about the massive global software economy, not to mention the quality of that software. So what does quality have to do with software economics, and what exactly does "software quality economics" mean? Those are a couple of questions Matt Klassen will delve into in this inaugural podcast of a new series all about software quality and the impact is has - both negative and positive - on our companies, our jobs and the lives we live each and every day.

This episode discusses some of the recent changes in the CWE program to help improve the adoption and consumption of CWE in software assurance practices with guest Alec Summers, CWE deputy project lead at MITRE.  Summers shares how developers and practitioners can leverage CWE to improve modern software development.  Summers provide insight on what the community can expect next in future releases of CWE

Kevin Greene, director of security solutions at Parasoft joins Rick Stewart and Michael Fitzurka of DLT  to discuss the importance of formalizing DevSecOps practices to improve software security.  Greene shares insights on software security, from DevSecOps to Software Bill of Material (SBOM), and the impact on improving software security.  (Part 2 of 2)

Kevin Greene, director of security solutions at Parasoft joins Rick Stewart and Michael Fitzurka of DLT  to discuss the importance of formalizing DevSecOps practices to improve software security.  Greene shares insights on software security, from DevSecOps to Software Bill of Material (SBOM), and the impact on improving software security.  (Part 1 of 2 )

This episode discusses the importance of secure coding awareness and training for developers with guest Brandon Hoe, head of marketing at HackEdu.  Hoe shares insight about key security practices developers should incorporate as they develop software to avoid creating vulnerabilities in software.  

Did you know that Continuous Quality can impact people and organizations? On the surface, continuous quality works to provide developers with deep visibility and insight into any software defects (bugs) or security vulnerabilities. However, it has further, lesser-known, benefits for the enterprise.  

Following on from our podcast, Chasing Continuous Software Quality, join Max Kurton, Head of Enterprise Management 360, and Matt Klassen, VP of Marketing at Parasoft, to take a deeper dive into the impact and benefits of continuous quality. In this podcast they’ll discuss:  

• Quality as a forethought versus an afterthought 
• How CQ feeds into and enhances the customer experience 
• The impact of constantly chasing continuous software quality on employees 
• Why many companies are working hard to succeed in continuous software quality  

Recent data from Enterprise Management Associates (EMA) states that only 20-30% of enterprises are advanced in digital transformation, DevOps and software quality. This leaves 60-80% of enterprises still needing to make significant improvements, especially when it comes to chasing continuous software quality.  

Steven Hendrick, Research Director at EMA, talks with Matt Klassen, VP of Worldwide Marketing at Parasoft, about the state of continuous integration (CI) and continuous deliver (CD) within the enterprise. In this podcast we’ll cover:  

• DevOps- the role of software testing tools, and best practices for addressing the challenges that come with using multiple ones.  
• Testing capabilities enterprises need within the software delivery and deployment pipeline to ensure apps can successfully move through staging and production.  
• How enterprises can build a successful DevOps practice that is effective at driving high software quality deliverables