I had the honor of being interviewed by π Matt Warcholinski πΎ from Brainhub in his ππ¨ππππ¬πποΈ on ππππππ« ππππ‘ ππππππ«π¬π‘π’π©.
π If you’ve ever wondered about the ins and outs of introducing πππ―ππ©π¬ into your organization, this episode is a must-listen! We delved into some fascinating topics, and I’m thrilled to share a few highlights from our conversation:
After eleven sessions building a full DevSecOps pipeline with GitHub β covering Software Composition Analysis, License Compliance, SAST, Container Scanning, Secret Detection, DAST, Pull Requests, Scheduled Pipelines, and Vulnerability Management β Patrick Steger and I close the series with our recommendations. What works on GitHub, where the gaps are, and what we would tell anyone setting out to build the same pipeline.
After eleven sessions building a full DevSecOps pipeline with GitLab β from Software Composition Analysis to Container Scanning, SAST, Secret Detection, DAST, merge request integration, and scheduled pipelines β Patrick Steger and I close the series with our recommendations. What worked, what tripped us up, and what we would tell anyone setting out to build the same pipeline today.
At first glance, a DevOps transformation seems to be a major undertaking for any company. But with the right approach, you can keep the process lean and agile.
Insight in brief # Start small with a small to medium sized project or product. Select the right people to ensure sufficient credibility and influence. Continuous improvement is key to success.
My chapter from the book: Machines, Code, People: 50 things ZΓΌhlke engineers are passionate about
Read Online GitHub Repository Buy on Amazon Imagine on a Monday morning you come into the office, start up your computer and ba-bam a manager is standing beside you, telling you to follow him into a escalation meeting.
