Improving Your Security Posture on the Containerization Journey
by David Widen
| Tuesday, Jan 12, 2021
| DevSecOps GitLab
Building a security-focused culture A DevOps transformation is a massive organizational change with implications for everything about how team members communicate and collaborate. It can also be an opportunity for organizations to integrate security into their applications’ lifecycles at every stage and move security teams from being a roadblock to being a strategic development partner. Here’s how organizations can use the DevOps transformation to improve their approach to security.
Adjust incentives People will focus on the things that they are incentivized to care about and are evaluated on.
Safeguarding the World from the SolarWinds Hack and Future Supply Chain Attacks
by Cole Kennedy, Andrés Vega
| Monday, Dec 14, 2020
Over the weekend, FireEye discovered an active threat (SOLARBURST) from a trojanized software supply chain. CISA has issued an emergency directive to remove SolarWinds from United States Department of Defense IT systems. Supply chain compromises are becoming a frequent occurrence, and this does not come as a surprise to us; as leading practitioners at BoxBoat and VMware, we understand the threat vector and the widespread damage a release compromise can have, and for that reason, we urge the need for Secure Software Supply Chain (SSSC)
BoxBoat Becomes the First GitLab Certified Professional Services Partner!
by Tim Hohman
| Wednesday, Nov 18, 2020
| GitLab DevSecOps
Washington, DC – BoxBoat Technologies, the premier DevSecOps and digital transformation consultancy, has become the first GitLab Professional Services Partner after becoming GitLab Select Channel Partners in July, 2020. This strategic relationship will help us deliver cutting edge DevSecOps, continuous integration, and source control management services to our customers.
“BoxBoat specializes in helping organizations integrate containerization and DevSecOps into their software development and deployment workflows,” said Tim Hohman, BoxBoat CEO. “As a GitLab Professional Services Partner, we are uniquely situated to help organizations accelerate their software development processes and improve automation as part of their greater DevSecOps strategy.
Multi-Regional Azure Kubernetes Service (AKS) at the Enterprise
by Facundo Gauna
| Wednesday, Sep 16, 2020
| Azure Kubernetes Service Azure Landing Zones
Many enterprise organizations invest heavily in creating secure, scalable, and well-governed Landing Zones on Azure. In fact, Azure Landing Zones are often crucial to enabling a hybrid cloud set-up between on-premise resources and Azure. They facilitate security, centralized management, and visibility across workloads in the enterprise.
What are Azure Landing Zones?
From the Microsoft documentation:
Azure landing zones are the output of a multi-subscription Azure environment that accounts for scale, security, governance, networking, and identity.
Work From Home Tips from the BoxBoat Team
by Jess Bodzo, David Widen
| Monday, Sep 14, 2020
| Remote working
We founded BoxBoat in 2016 as a remote-first company. Since then, we've learned a lot about how to operate in a fully remote capacity, including what works well and what doesn't. One of the things that we've learned is the importance of maintaining a healthy work-life balance for all team members.
Many companies not accustomed to working remotely have seen employees working longer hours and constantly checking messaging apps like Slack after hours, to the detriment of their work-life balance.