Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In the first article in this series we covered the basics. In the second article about the planning process, we covered how developers incorporate security at the beginning of their project. This article explores DevSecOps during the Continuous Integration (CI) phase of the coding process and how to protect the code from supply chain attacks, license issues, and theft. Developers are advised during planning to use secure coding best-practices during the coding process.

The Data Security and Protection Toolkit (DSP Toolkit) is an NHS operated online tool that enables organisations in benchmarking their security against the National Data Guardian’s 10 Data Security Standards (NDG Standards).

Web applications are continuously evolving due to the hypo-velocity of code changes and stream of new features and functionality leaving businesses exposed to application security risks. A new wave of automated pen testing conducted through a software as a service delivery model can help reduce this risk by providing automated vulnerability findings in real time.

As a former systems and network administrator, I understand the demands that are placed on today’s IT professionals. It’s true that skills gap continues to hamper IT and security personnel, for example. In early 2020, Tripwire revealed the results of a survey in which 83% of security professionals noted that they felt more overworked going into that year than they did at the start of 2019.

Guessing how many marbles are in a jar is either a fun carnival game (pick the average based on the wisdom of the crowd) or a math problem involving orb volume, cylinder volume and the estimated space between marbles. You can also just count the marbles. Unfortunately, when it comes to identifying the number of devices connected to your network, none of these approaches works – although quasi-manual counting remains all too common.