ISSA Journal Novembre 2019 - La rivista mensile riservata ai Soci AIPSI

I principali articoli nell'edizione di Novembre 2019:

• Secure DevOps before DevSecOps, by Tony Rice - ISSA member, Raleigh Chapter. This article discusses the opportunities DevSecOps offers to stand up infrastructure in a consistent, secure way as well as move discovery of security flaws earlier and more often in the software development life cycle, with a back-to-basics view of securing access to these resources first.

• DevSecOps: A Systemic Approach for Secure Software Development, by Seetharaman Jeganathan. The author reviews how security processes can be effectively embedded in the DevOps model to increase the success of IT projects in an organization.

• Securing Terminology: Lessons from Interdisciplinary Research, by Delmer Nagy, Herbert Gomez, and Christopher Copeland. IT security is an inherently interdisciplinary practice. This creates an amalgam of terms, acronyms, and concepts potentially causing confusion. Given the evolving nature of terminology, the authors demonstrate how traditional communication strategies need to be reinforced to ensure that the knowledge of organizational stakeholders does not hinder organizational security efforts.

• Changing the DevOps Culture One Security Scan at a Time, by Jon-Michael Lacek. This article discusses the ideology of information security being a roadblock when it comes to DevOps project management and execution and demonstrates that available pipeline plugins do not introduce significant delays into the release process and are able to identify the vulnerabilities detected by traditional application scanning tools.

• The Python Programming Language: Relational Databases, by Constantinos Doskas - ISSA Senior Member, Northern Virginia Chapter. This article continues our discussion on database programming. In previous lessons we learned how to create SQL database tables, how to create INNER and LEFT JOIN, and how to ORDER the queries of tables by one or more columns. In this session we will learn how to combine data of multiple like tables and queries and create detailed or summary reports.
  
  

Inoltre in questo numero:

• From the President
• Sabett's Brief
• Moving Phorward into a New Decade
• Women in Cybersecurity
• Women Leaders Impacting ISSA
• The Cryptic Curmudgeon
• Homomorphic Encryption
• Open Forum
• What I Wish STEM Programs Would Get Right
• Privacy
• The Privacy Problem
• Crypto Corner
• eLeviathan
• Open Forum
• DevOps and Infosec
• Security in the News
• ITSPmagazine Podcasts
  • A Fireside Chat with NIST Fellow Ron Ross during ISSA International Summit 2019
  • A Conversation with Vandana Verma
  • On Disability, Technology, and Flourishing | A Conversation with Joel M. Reynolds
  • MITRE ATT&CK | A Conversation at the Edge with Katie Nickels, Fred Wilmot, and Ryan Kovar
• Association News
• Career Center