DevSecOps in 2022 with Jess Dodson

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Episode 809 of the RunAs Radio podcast, hosted by Jess Dodson, Richard Campbell, titled "DevSecOps in 2022 with Jess Dodson" was published on January 5, 2022 and runs 39 minutes.

January 5, 2022 ·39m · RunAs Radio

Summary

2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!

Episode Description