Intro Security and compliance controls are an important part of the software development life cycle. When organizations and teams move software delivery from months to hours, the processes related to compliance evaluation can become a bottleneck for delivery. In his article, “Compliance in a DevOps Culture,” Carl Nygard outlines different approaches teams can take to Read more…
Built on Control Tower Mphasis Stelligent is proud to be an AWS Built on Control Tower Partner and a Management and Governance Partner! Find this blog interesting? Make sure you register and join us on Nov 17 for an AWS Control Tower Activation Day. Control Tower and BoCT Overview Cloud transformation is a large undertaking. The setup and Read more…
As Enterprises adopt modern application architectures, they now find they need the capability to deliver hundreds or even thousands of distinct applications while meeting stringent security and compliance requirements. Scaling the capability to deliver software securely requires a new framework for defining, creating, and delivering infrastructure and application code and brings a new set of Read more…
Consider the following questions when it comes to the typical approach to security error detection and remediation in many enterprises today: How does security error detection occur? When and how often does it occur? Who is usually involved in fixing these security issues? What is the approach to fixing these issues? How long does it Read more…
If you are following best practices, you have adopted a multi-account strategy for your cloud applications, with different workloads spread across different accounts. Users log in to one account and assume roles in other accounts as needed. Even your build system lives in a tools account separate from all the applications it deploys. This is Read more…
This is part one of a two part series on Amazon Inspector. This article goes over some of the features of Amazon Inspector and covers some of the pros and cons of the service. The second article within this series is a quick start on implementing Amazon Inspector in automated AMI pipelines. Introduction to Amazon Read more…
We had over 40 people from Mphasis and Mphasis Stelligent at the AWS re:Invent 2019 conference in Las Vegas, NV. There were 77 product launches, feature releases, & services announced at the conference (and many more at “pre:Invent” in November). Of this, there were several DevOps-related features announced at re:Invent or during pre:Invent. The theme Read more…
Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…
While enterprises are capable of rapidly scaling their infrastructure in the cloud, there’s a corresponding increase in the demand for scalable mechanisms to meet security and compliance requirements based on corporate policies, auditors, security teams, and others. For example, we can easily and rapidly launch hundreds of resources – such as EC2 instances – in Read more…
It’s 7:37 AM on a Sunday. You’re in the Security Operations Center (SOC) and alarms and emails are seemingly being triggered everywhere. You and a colleague are combing through dashboards and logs to determine what is causing these alerts. After running around with your “hair on fire” for around 30 minutes, you finally determine that Read more…