Articles by Bruce Johnston
Why we’ve open sourced our secure SDLC process template
One of the big things we’ve learned since starting Kosli is that engineers often struggle to define an SDLC for compliance purposes. That doesn’t mean they don’t know how to deliver secure, …
DevOps Change Management Resources
The DevOps Change Management Content Hub is a set of resources for modern software teams who struggle to align their DevOps automation with their change management requirements. In our experience, …
A Guide to Continuous Security Monitoring Tools for DevOps
DevOps has accelerated the delivery of software, but it has also made it more difficult to stay on top of compliance issues and security threats. When applications, environments and infrastructure are …
Understanding ISO 27001 Security - and why DevOps teams choose Kosli
Modern software delivery teams find themselves under constant pressure to maintain security and compliance without slowing down the speed of development. This usually means that they have to find a …
Backstage Developer Portal
*Disclaimer: The complete Backstage guide is open sourced on Github and you can suggest changes to the content if you know it needs updates. We continuously review the pull requests and improve the …
The Code Story podcast - how to deliver software with Continuous Compliance and Kosli
How do you “keep the receipts” for your software process? Is it possible to automate change controls and deploy software with Continuous Compliance? Earlier this year, Mike appeared on the CodeStory …
How to prove your SDLC is being followed for compliance with medical standards like IEC 62304
If you’re part of a software engineering team in digital health, medtech, medical devices, Software as a Medical Device (SaMD), etc. you have to comply with regulatory standards. And one of the …
How to achieve compliance with FedRAMP Continuous Monitoring
One of the most common frustrations we hear from CTOs and CISOs is that it’s really hard for them to figure out what they’re supposed to do to achieve software delivery compliance for regulatory …
Docker Inspect Explained: The Essential Guide
These days, it’s hard for a software engineer to go about their work without bumping into a Docker container. But when we bump into one that’s behaving oddly, how do we go about finding …
Ready to ship with more confidence?
Got a question about Kosli?
We’re here to help, our customers range from larges fintechs, medtechs and regulated business all looking to streamline their DevOps audit trails
Contact us