How the Best DevSecOps Teams Make Risk Visible to Developers

DevSecOps leaders say security has done a lousy job making AppSec risks visible to developers. Traditional cybersecurity practices are not providing the kind of feedback to developers that helps them figure out how to make changes in their daily work that will actually reduce AppSec risk. The best risk leaders make their case by finding the right metrics to tell their story, says Mastercard’s Anna Marie Zettlemoyer. At Target, the security team developed what the company calls the Product Intelligence score, which wraps in data from its vulnerability databases and GRC tooling.”]

Source: https://www.darkreading.com/application-security/how-the-best-devsecops-teams-make-risk-visible-to-developers

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Selling technology to cops, part 2

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

RSA: Geolocation shows just how dead privacy is

Categories

Partners

Just add here your partners image or promo text