by Faheem Memon | Wednesday, Feb 3, 2021 | Kubernetes Cloud-Native DevSecOps

In line with the findings reported in the current State of the DevOps Report 2020, organizations such as Apple, Spotify, Eventbrite, and others have been showcasing their internal cloud-native platforms at recent KubeCon events. These organizations have mature DevOps practices and provide compelling self-service platforms to their internal customers that are built with product thinking and backed by end-to-end automation. At BoxBoat, we engage with our clients at different points in their cloud-native or DevSecOps adoption journey, and we believe that most of the foundational ideas, especially product thinking, should be adopted early in the process.

by Tim Hohman | Friday, Jan 15, 2021 | Rancher Kubernetes

Bethesda, MD – BoxBoat Technologies (BoxBoat), a premier DevSecOps and digital transformation consultancy, today announced that Rancher Federals’ enterprise platform for managed Kubernetes is now available through BoxBoat’s Multiple Award Schedule contract with the General Services Administration (GSA). This expansion of BoxBoat’s relationship with Rancher Federal will enable government agencies to take greater advantage of Rancher’s support for certified Kubernetes distribution, either on-premise or in the public cloud. You can find BoxBoat's GSA schedule service and software offerings here.

by David Widen | Tuesday, Jan 12, 2021 | DevSecOps GitLab

Building a security-focused culture A DevOps transformation is a massive organizational change with implications for everything about how team members communicate and collaborate. It can also be an opportunity for organizations to integrate security into their applications’ lifecycles at every stage and move security teams from being a roadblock to being a strategic development partner. Here’s how organizations can use the DevOps transformation to improve their approach to security. Adjust incentives People will focus on the things that they are incentivized to care about and are evaluated on.

by Cole Kennedy, Andrés Vega | Monday, Dec 14, 2020 | DevSecOps

Over the weekend, FireEye discovered an active threat (SOLARBURST) from a trojanized software supply chain. CISA has issued an emergency directive to remove SolarWinds from United States Department of Defense IT systems. Supply chain compromises are becoming a frequent occurrence, and this does not come as a surprise to us; as leading practitioners at BoxBoat and VMware, we understand the threat vector and the widespread damage a release compromise can have, and for that reason, we urge the need for Secure Software Supply Chain (SSSC)

by Tim Hohman | Wednesday, Nov 18, 2020 | GitLab DevSecOps

Washington, DC – BoxBoat Technologies, the premier DevSecOps and digital transformation consultancy, has become the first GitLab Professional Services Partner after becoming GitLab Select Channel Partners in July, 2020. This strategic relationship will help us deliver cutting edge DevSecOps, continuous integration, and source control management services to our customers. “BoxBoat specializes in helping organizations integrate containerization and DevSecOps into their software development and deployment workflows,” said Tim Hohman, BoxBoat CEO. “As a GitLab Professional Services Partner, we are uniquely situated to help organizations accelerate their software development processes and improve automation as part of their greater DevSecOps strategy.