Integrating the necessary security controls and audit capabilities to satisfy compliance requirements within a DevOps culture can capitalize on CI/CD pipeline automation, but presents unique challenges as an organization scales. Understanding the second order implications and unintended consequences caused by the chosen implementation is key to building an effective, secure, and scalable solution. My colleague Carl Nygard describes how to think of these choices through a series of four patterns for handling compliance.
more… https://martinfowler.com/articles/devops-compliance.html
Login to add comment
Other posts in this group
How is code generation with GenAI different from more "traditional" code generators? The newest memo in Birgitta Böckeler's explorations of GenAI talks abou
How is code generation with GenAI different from more "traditional" code generators? The newest memo in Birgitta Böckeler's explorations of GenAI talks abou
Many s
At Thoughtworks, we are strong practitioners of Test Driven Development (TDD). Naturally this leads to the question of how generative AI can
