BT

New Early adopter or innovator? InfoQ has been working on some new features for you. Learn more

rss

Cloud Migrations, Highly Regulated Environments, and Making Work Visible: DOES17 London Day Two

by Daniel Bryant on  Jun 23, 2017

At the London DevOps Enterprise Summit 2017 (DOES17) conference, the second morning of keynotes discussed the role DevOps plays when migrating to cloud platforms; the creation and cultivation of effective teams that must work within high-regulatory environments; and how to improve the flow of business value by making work visible.

AWS Organizations Offers Centralized Policy-Based Account Management

by Steffen Opel on  Mar 31, 2017

After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.

DevOps Survival in the Highly Regulated Financial Industry

by Manuel Pais on  Jul 31, 2016

Robert Scherrer, head of application engineering at SIX, on how the company leveraged DevOps principles and benefits in the highly regulated Swiss financial industry. Engaging with compliance auditors to collaboratively agree on solutions early before it's too costly to change and avoiding legacy internal directives (not actually required by external regulations) are the main takeaways.

Container Manifests, Docker Labels, and the Implications on Security: A Q&A with Gareth Rushgrove

by Daniel Bryant on  Dec 15, 2015

At DockerCon EU 2015, InfoQ sat down with Gareth Rushgrove, a senior software engineer at Puppet Labs, and explored the concepts behind his conference presentation “Shipping Manifests, Bill of Lading and Docker”. The range of topics discussed included the benefits of system package management (manifest) metadata, the use of Docker labels, and the implications on security and compliance audits.

AWS Expands Credential Lifecycle Management and Monitoring

by Steffen Opel on  Jul 29, 2014 1

AWS Identity and Access Management (IAM) recently expanded available password policy rules to enable self-service password rotation. A new credential report provides visibility into the AWS credentials security status. AWS also added logging of AWS Management Console sign-in events to AWS CloudTrail.

S is for Security

by Manuel Pais on  Jun 22, 2013

Frank Breedijk, security officer at Schuberg Philis, talks about the friction points between security and DevOps and how to collaborate to avoid them. Examples include automating security tests and environments, reducing scope of security audits to relevant system components only or allowing security fixes to jump the queue of changes to production.

Two More DevOps Tool Vendors Acquired

by Jonathan Allen on  Apr 22, 2013

The excitement over DevOps is continuing to increase in major corporations. Today it was announced that two DevOps tool vendors were acquired. UrbanCode was picked up by IBM while Nolio went to CA Technologies.

New DMTF WorkGroup To Address Cloud Security Concerns Through Cloud Audit Standards

by Jeevak Kasarkod on  May 08, 2011

Security concerns still remain the top inhibitor of cloud adoption and cloud audits will alleviate some of these concerns. DMTF instituted the Cloud Audit Data Federation Work Group (CADFWG) to define specifications which will empower organizations to audit cloud-based IT resources, regardless of their chosen cloud provider.

BT