In recent years, the escalation of software supply chain attacks has underscored the critical vulnerabilities within the digital infrastructure of modern enterprises. The NIST SP 800-204D document emerges as a pivotal guide in this context, advocating for the integration of security measures into DevSecOps CI/CD pipelines to mitigate these risks. By embedding security at every…
In today’s rapidly evolving digital landscape, organisations face increasingly sophisticated cyber threats. The traditional perimeter-based security approach is no longer sufficient to protect valuable data and systems from sophisticated attacks. As a result, a paradigm shift towards a Zero Trust Security model has gained significant traction, particularly in cloud environments like Amazon Web Services or…
When I talk about Cloud Landing Zones, I like to use the analogy that if you were a licensed airline pilot, you would not just get into your plane and take off. You would want a reliable system to monitor your flight, security measures in place to protect you, and most of all assurance that…
Introduction Organisations undergoing digital transformation are looking for avenues to modernize, innovate, and adapt their application landscapes to the latest technology available on the big public cloud platforms, such as AWS, Azure, and Google Cloud Platform. Some of the business drivers for moving applications to the cloud are: Shifting focus from underlying infrastructure and platforms…
The way that businesses operate is changing, and this change has been accelerated by the Covid-19 pandemic that has forced a massive shift in the way that people work. Cloud computing has enabled this change, and the amount being spent on public cloud services now outstrips that of traditional IT. That trend is only going…
Are your automated software delivery processes safe? With the emergence of new technologies and methodologies, the frequency of releasing software changes into production environments has increased exponentially over the last decade. The DevOps approach with its automated CI/CD pipelines made it possible to drastically shorten the lead time required for changes to become available to…