How Hearst Eliminates DevOps Complexity — An Architecture Review

Hearst Eliminates DevOps Complexity with Automation Jim Mortko is responsible for leading all Internet-based engineering and digital production efforts, along with ecommerce and marketing initiatives that support Hearst Magazines’ diverse units including 20 U.S. magazines, Hearst Digital Media, the Hearst App Lab and Hearst Magazines UK. He is credited with spearheading the launch of five internal systems, along with supporting the launch of more than 10 websites. In this talk,

Read more

DevSecOps Conference Highlights | Speakers from Splunk, Betterment, Fair, ASICS

See What You MissedWatch highlights from all the speakers Why ASICS Digital Builds 12-Factor Apps with a Focus on Infrastructure By Laura Franzese August 1, 2019 Blog, Conference, Uncategorized How ASICS Digital Created a Culture of You Build it, You Run it John Noss is a Senior Site Reliability Engineer at ASICS… Read more How Hearst Eliminates DevOps Complexity — An Architecture Review By strongDM July 31, 2019 Blog, Conference

Read more

How Splunk Built A Practical Approach to DevSecOps At Scale

What Splunk Does Joel Fulton is the Chief Information Security Officer for Splunk. At Splunk, they've put effort into transforming their organization from a waterfall approach to agile, to now a DevSecOps approach. In case you're not familiar, Splunk is a software development company focused on machine data aggregation. They collect your data on to your on-prem and they count on you to manage and protect that. Splunk relies on

Read more

How To Prepare For Your First SOC 2 Audit A 30-90-120 Day Plan

Despite thousands of articles, there's shockingly little actionable advice to help startups complete SOC 2. When you don't have dedicated compliance teams or six figure budgets, we set out to answer: When to pull the trigger on SOC 2. Who needs to be involved in prep work & what tasks can/can not be delegated. How to narrow the scope and save as much time as possible. What are achievable best

Read more

Interview with SoFi Head of Infrastructure Peter Tormey | Token Security Podcast

Peter Tormey Head of Infrastructure at SoFi

ShareAbout Token SecurityWelcome! This is the inaugural episode of Token Security, our goal is to teach the core curriculum for modern devsecops. Each week we will go deep with an expert on a specific topic so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeThis episode we sit down with Peter Tormey, Head of Infrastructure at SoFi. The crew talks PII,

Read more

What is SOC 2 Compliance | A Guide To Prepare For Your First Audit

If you sell software to businesses, clients will probably start asking if you're SOC 2 compliant? Why? Because it's a convenient way to confirm you have *some* maturity around security best practices. What SOC 2 is not! You should not confuse SOC 2 compliance for actual security best practices. Although it covers the core departments and processes that interact with sensitive data, it does not stipulate standards. It merely confirms

Read more

SOC 2 Type 1 Guide | Everything You Need To Know

Cover illustration for Guide explaining SOC 2 Type 1

The first time I went through SOC2 I wasted way way too many hours on Google trying to figure out best practices. It drove my nuts how much was written without actually telling me anything actionable. Why wasn't there a simple summary to understand: How long will a SOC 2 Type 1 audit take? How much will SOC 2 Type 1 cost? What are best practices for each policy? Two

Read more