Xebia Articles

Continuous Security becomes a critical success factor

Posted by Han Goossens on Jun 20, 2017 9:00:00 AM

Authors: Han Goossens – Commercial Manager Xebia Security & Tom Rijgersberg, Business Unit Manager Xebia Security

Winning businesses innovate and that innovation will more and more be driven by fast ‘deployment’ of products and services with small increments. Will the drive to reduce time to market for releasing new applications go hand in hand with the growing desire for security? Nowadays a lot of companies experience Security as the biggest impediment in delivering innovation. For the sake of becoming a successful and reliable innovator the next level in the maturity model has been announced: continuous security. What is the relation between Innovation and Security, and more specifically, Application Security? How can organizations successfully apply Continuous Security?

Read More

Topics: Agile Software Security

4 Training Trends Your Business Should Know

Posted by Xebia Academy on Mar 23, 2017 1:11:40 PM
 
Professional development, as a concept, is nothing new - it makes sense to nurture talent and build your employees’ skill sets. But with the transforming tides of today’s IT world, the ways in which companies approach training are rapidly changing too. For organizations that want to remain flexible, responsive and competitive in today’s continuously fluctuating marketplace, knowledge is not only power; it's a priority.
 
Read More

Topics: Agile Software Security, DevOps & Continuous Delivery, Agile Software Development, Big Data & Data Science, Agile Transformations, Test Automation & Quality, Cloud Infrastructures

Security Is Dead, Long Live Security

Posted by Dave van Stein on Mar 8, 2017 1:30:00 PM

Some time ago I attended BruCON. For those unfamiliar with it, BruCON is a security conference where everybody with an interest in security can share their views and findings. As always, it was a great mixture of technology, philosophy, personal opinions and hands-on workshops.

This time, however, I noticed a certain pattern in some of the talks. Chris Nickerson gave a presentation about "how to make a pentester's life hell" based on experience, Shyma Rose shared her views on risk management, Mark Hillick showed us how the security was improved at Riot Games and David Kennedy provided his opinion on the state of the information security industry nowadays. All four of them basically told pieces of the same tale from a different perspective and I will try to provide my viewpoint on the matter in this blog.

Read More

Topics: Agile Software Security

Being an Agile Security Officer

Posted by Dave van Stein on Mar 6, 2017 2:58:34 PM

Whenever I give a presentation, training, or just talk to security teams, it becomes clear that over the years a gap has been created between application security and development. A gap we created consciously and with intent and that became painfully visible with the introduction of Agile and DevOps. Suddenly exhaustive information security policies with checklists and penetration tests became serious impediments. The challenge we are facing now is how to bridge this gap again.

Read More

Topics: Agile Software Security