Wednesday, February 21, 2024
HomeSoftware EngineeringSE Radio 575: Nir Valtman on Pipelineless Safety : Software program Engineering...

SE Radio 575: Nir Valtman on Pipelineless Safety : Software program Engineering Radio


Nir ValtmanNir Valtman, co-Founder and CEO at Arnica, discusses pipelineless safety with SE Radio host Priyanka Raghavan. They begin by defining pipelines after which take into account tips on how to add safety. Nir lays out the important thing challenges in getting good code protection with the pipeline-based strategy, after which describes tips on how to implement a pipelineless strategy and the benefits it affords. Priyanka quizzes him on the idea of “zero new hardcoded secrets and techniques,” in addition to some methods to guard GitHub repositories, and Nir shares examples of how a pipelineless strategy may assist in these situations. They then talk about false positives and dealing with developer fatigue in coping with alerts. The present ends with some dialogue across the product that Arnica affords and the way it implements the pipelineless methodology.

Associated Hyperlinks

Earlier SE Radio Episodes

  1. 288 – Francois Reynaud on DevSecOps

  2. 541 – Jordan Harband and Donald Fischer on Securing the Provide Chain

  3. 559 – Ross Anderson on Software program Obsolescence

  4. 514 – Vandana Verma on the OWASP Prime-10

  5. 475 – Rey Bango on Safe Coding Veracode

  6. 498 – James Socol on Steady Integration and Steady Supply

References

  1. What’s pipelineless safety? (weblog put up)

  2. What’s an sbom, what’s it not, and do you want one (weblog put up)

  3. Cut back Code Threat Utilizing Pipelineless Safety

  4. Arnica’s Actual-time Code Threat-Scanning Instruments Purpose to safe Provide Chain.html

  5. What’s CI/CD Safety?

  6. https://github.com/arnica-ext/GitGoat

  7. Linkedin: valtmanir

Tags: , ,

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments