Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

DZone's Guide to

Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

Check out this casual interview with Caroline Wong and Paula Thrasher on government vs public software security, how the OWASP Top 10 might best be used, and what they have discovered as common security patterns in their large scale projects.

· Security Zone ·
Free Resource

Learn how integrating security into DevOps to deliver "DevSecOps" requires changing mindsets, processes and technology.

Caroline Wong, Paula Thrasher, and I were having lunch at DevOps Enterprise Summit when the conversation took an interesting turn. Paula and Caroline had been on a panel the previous day and didn't get a chance to do a deep dive into any of the topics.

As we were talking at lunch, I realized it was a good opportunity to give them a chance to talk with each other on government vs public software security, about how the OWASP Top 10 might best be used, and what they have discovered as common security patterns in their large scale projects.


About Caroline Wong
I am a strategic leader with strong communications skills, cybersecurity knowledge, and experience delivering global programs. My close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. I have been featured as an Influencer in the Women in IT Security issue of SC Magazine, named as one of the Top 10 Women in Cloud by CloudNOW, and received a Women of Influence Award in the One to Watch category from the Executive Women's Forum. I authored the popular textbook Security Metrics: A Beginner's Guide.

About Paula Thrasher
Paula Thrasher has 20+ years experience in IT and has spent the last 15 years trying to implement Agile culture in the federal government. Paula's first Agile project was in 2001, since then she has led over 15 programs and projects as an Agile developer, technical lead, Scrum master, or Agile coach. Her teams have helped two separate federal agencies migrate applications to Amazon AWS GovCloud, and done some other amazing DevOps ninja work along the way. Paula is a proud Carnegie Mellon University alumna with a B.S. in Statistics, is a Certified Scrum Master (CSM) and a Project Management Professional (PMP), but prefers learning new things through experience and working with smart people.

Learn how enterprises are using tools to automate security in their DevOps toolchain with these DevSecOps Reference Architectures.

Topics:
security ,devops ,interview ,podcast ,devsecops

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}