An Infrastructure-Focused Framework for Adopting DevSecOps
March 2023 • Podcast
Vanessa B. Jackson, Lyndsi A. Hughes
Vanessa Jackson and Lyndsi Hughes discuss the DevSecOps adoption framework, which guides organizations in the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.
Listen
Watch
Abstract
DevSecOps practices, including continuous-integration/continuous-delivery (CI/CD) pipelines, enable organizations to respond to security and reliability events quickly and efficiently and to produce resilient and secure software on a predictable schedule and budget. Despite growing evidence and recognition of the efficacy and value of these practices, the initial implementation and ongoing improvement of the methodology can be challenging. In this podcast from the Carnegie Mellon University Software Engineering Institute, senior engineers Vanessa Jackson and Lyndsi Hughes discuss with principal researcher Suzanne Miller the DevSecOps adoption framework, which guides organizations in the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.
About the Speaker
Vanessa B. Jackson
Vanessa Jackson joined the SEI in 2012 and currently works as a senior DevSecOps Engineer in the SEI’s Software Solutions Division. During her tenure at the SEI, Jackson has performed several ...
Vanessa Jackson joined the SEI in 2012 and currently works as a senior DevSecOps Engineer in the SEI’s Software Solutions Division. During her tenure at the SEI, Jackson has performed several roles including database engineer, middle-tier developer, and systems engineer helping to manage a development environment from initial setup to applying for ATO (US Cybercom’s Authority to Operate certification). Throughout her career, Jackson has served in multiple positions in the software engineering realm including technical writer, systems administrator, test engineer, and full-stack developer. Jackson earned a degree computer science from Howard University.
Lyndsi A. Hughes
Lyndsi Hughes joined the SEI in 2010 and works as a senior systems engineer in the SEI’s CERT Division. During her tenure at the SEI, Hughes has operated and maintained numerous specialized computing ...
Lyndsi Hughes joined the SEI in 2010 and works as a senior systems engineer in the SEI’s CERT Division. During her tenure at the SEI, Hughes has operated and maintained numerous specialized computing environments in support of research projects, malware analysis, and software engineering. Hughes’ technical expertise spans a wide breadth of applications, across which she has successfully implemented modern cybersecurity and DevSecOps tools and practices. In turn, Hughes translates her technical knowledge into abstract ideas to support various DoD and DHS programs. Hughes earned a master of science in Information Science from the University of Pittsburgh and a bachelor of arts in Mathematics and Computer Information Systems from Mercyhurst College.