sdl - Abhay Bhargav

Abhay Bhargav

Sign in Subscribe

sdl

A collection of 2 posts

Think "Feedback" over "Pipelines" for DevSecOps Success

Think "Feedback" over "Pipelines" for DevSecOps Success

For a while now, the term DevSecOps has become synonymous with Pipelines. That is natural. DevOps, for the longest time has been associated with pipelines. I am sure, that if you've read anything around DevOps or DevSecOps, you'd have heard of the term "CI/CD". Well, let's look at what

Thoughts on Using and Scaling Threat Modeling

threat modeling

Thoughts on Using and Scaling Threat Modeling

Some of my pet peeves with Threat Modeling, as its currently done by a lot of orgs out there: 1. Threat Models are generated as tomes, rarely used by the people who need to be using it (architects, engineering teams, business owners, even security people) 2. Consequently, Threat Modeling does