Financial and SDLC - Information Technology Zone

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

CIO Business Intelligence

OCTOBER 31, 2023

As the vice president of enterprise architecture and technology strategy at Discover Financial Services, I think about this question often as we work to design our tech stack. As a practice, DevSecOps is a way to engrain practices in your SDLC that ensures security becomes a shared responsibility throughout the IT lifecycle.

Company

Company SDLC Meeting Banking

7 types of tech debt that could cripple your business

CIO Business Intelligence

MARCH 25, 2025

Just as no one wants to run mission-critical systems on decade-old hardware, modern SDLC and DevOps practices must treat software dependencies the same way keep them updated, streamlined, and secure. The average app contains 180 components , and failing to update them leads to bloated code, security gaps, and mounting technical debt.

Architecture

Architecture Devops Open Source Database Administration

Scaling security: How to build security into the entire development pipeline

CIO Business Intelligence

OCTOBER 31, 2023

That’s why Discover® Financial Service’s product security and application development teams worked together to shift security left by integrating security by design and conducting early security testing often to identify vulnerabilities prior to hitting deployment. There’s a security issue.”

Security

Security Development How To SDLC

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

What CEOs really need from today’s CIOs

CIO Business Intelligence

AUGUST 3, 2022

Modern delivery is product (rather than project) management , agile development, small cross-functional teams that co-create , and continuous integration and delivery all with a new financial model that funds “value” not “projects.”.

Architecture

Architecture Software Cloud Software

The hidden cost of insecure code: More than just data breaches

CIO Business Intelligence

AUGUST 26, 2024

When significant breaches like Equifax or Uber happen, it’s easy to focus on the huge reputation and financial damage from all that compromised user data. The financial damages and customer impacts are immediate and substantial. For sure – those headline costs are massive, no question.

Data

Data Engineering Security SDLC

How to make your developer organization more efficient

CIO Business Intelligence

SEPTEMBER 1, 2023

To combat wasted time and effort, Discover® Financial Services championed a few initiatives to help developers get back to what they do best: developing. Employing automation for tasks that many engineers face throughout their SDLC helps to shift focus towards human value-add activities. The result?

Development

Development How To SDLC Engineering

Safeguarding Ethical Development in ChatGPT and Other LLMs

SecureWorld News

AUGUST 7, 2023

Hostile threat actors assume the role of a medical provider, financial institution, or other legitimate supplier (impersonation). Why should AI get a pass on S (Secure) SDLC methodologies? Imagine a sophisticated attacker who cunningly injects malicious prompts into an LLM to manipulate its output and deceive unsuspecting users.

Development

Development SDLC Security Tools

Agile Process Improvement Using. Agile! - Social, Agile, and.

Social, Agile and Transformation

MARCH 8, 2011

How do we handle forecasting end dates and financials? The owner of the SDLC (or someone from this office) should act as product owner, and the team should be representatives of your engineering teams and leaders for different skills (pm, ba, development lead, QA). After that, Im usually asked a flood of questions.

Agile

Agile Social SCRUM Software Development

The DevSecOps Lifecycle: How to Automate Security in Software Development

ForAllSecure

MAY 2, 2023

This leaves the door open for security breaches that can lead to serious financial and reputational damage. Reduced time and cost : Integrating security into the SDLC reduces the costs associated with fixing security vulnerabilities at a later stage.

Software Development

Software Development Software Software Development

10 Stages of the software development lifecycle for startups

Dataconomy

APRIL 5, 2024

It is best to combine testing with SDLC. This is because small companies do not have the same market authority or financial capabilities as established or large organizations. Test Testing can sometimes be separated from the overall software development process. Implementation The next stage is the implementation of changes.

Software Development

Software Development Software Software Development

A Guide To Automated Continuous Security Testing

ForAllSecure

JULY 13, 2021

ForAllSecure interprets this as evolving security testing from the traditional checkpoint in the software development lifecycle (SDLC) to a discipline that occurs throughout the development process. These requirements have led to increased interest in emerging techniques that prioritize automation, accuracy, and simplicity.

Security

Security SDLC Software Software

Three Aspects of Enterprise Architecture Governance

Future of CIO

OCTOBER 26, 2013

Governance as components of the EA , includes business rules, legal requirements (such as data protection), operational requirements rules, financial compliance - so governance in this instance is items that influence the architecture relationships or other components options. * The same relations are between EAG and EA Frameworks.

Architecture

Architecture Government Enterprise Enterprise

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Dave Bittner: [00:02:42] The Financial Times reports that the controversial lawful intercept shop NSO Group says it can access private messages held in major cloud services, including those provided by Apple, Amazon, Google and Facebook. Its apparent goal is espionage directed against the financial and energy sectors.

Security

Security Applications Development Financial

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Dave Bittner: [00:02:42] The Financial Times reports that the controversial lawful intercept shop NSO Group says it can access private messages held in major cloud services, including those provided by Apple, Amazon, Google and Facebook. Its apparent goal is espionage directed against the financial and energy sectors.

Security

Security Applications Development Financial

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

Dave Bittner: [00:02:42] The Financial Times reports that the controversial lawful intercept shop NSO Group says it can access private messages held in major cloud services, including those provided by Apple, Amazon, Google and Facebook. Its apparent goal is espionage directed against the financial and energy sectors.

Security

Security Applications Development Financial

Information Technology Zone

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

7 types of tech debt that could cripple your business

Webinars

Trending Sources

Scaling security: How to build security into the entire development pipeline

Webinars

What CEOs really need from today’s CIOs

The hidden cost of insecure code: More than just data breaches

How to make your developer organization more efficient

Safeguarding Ethical Development in ChatGPT and Other LLMs

Agile Process Improvement Using. Agile! - Social, Agile, and.

The DevSecOps Lifecycle: How to Automate Security in Software Development

10 Stages of the software development lifecycle for startups

A Guide To Automated Continuous Security Testing

Three Aspects of Enterprise Architecture Governance

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

Stay Connected