Security Patching Docker Containers

In the final section of my series on creating a comprehensive security program around Docker, I'll be looking at some ideas and best practices around patching running containers. In the previous articles, I talked about running static analysis on containers and rolling out intrusion prevention and detection. Containers are immutable,

How To Hire Security Talent

I don't think it's quite as hard as most people make it out to be. I keep hearing from colleagues and articles that there is great difficulty in hiring a technical security people to work on application security, network security, or devsecops. If you want to staff and run an

How To Get A Job In DevSecOps

Modern security organizations are moving closer to development, and increasingly integrating directly with development through continuous security and DevSecOps roles. This combined skillset of security engineer and devops engineer, with enough programming knowledge to automate tasks and speak intelligently to development teams, is massively valuable in the marketplace. With a