Get to know

Chris Tozzi

Chris Tozzi has worked as a journalist and Linux systems administrator. He has particular interests in open source, agile infrastructure, and networking. He is Senior Editor of content and a DevOps Analyst at Fixate IO. His latest book, For Fun and Profit: A History of the Free and Open Source Software Revolution, was published in 2017.

Blogs by Chris Tozzi

Sort By:

How To Prevent the 5 Most Common Software Supply Chain Weaknesses

DevSecOps, Secure the Cloud

How To Prevent the 5 Most Common Software Supply Chain Weaknesses

Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.

Jun 13, 2023

From Manifest to Workload: Embedding Kubernetes Security at Each Phase of the DevOps Lifecycle

Code Security, DevSecOps

From Manifest to Workload: Embedding Kubernetes Security at Each Phase of t...

How do you secure Kubernetes? Part of the answer is to identify and address security risks within the various components of Kubernetes itself as well as their configurations. You can do this …

Jan 24, 2023

Infrastructure as Code Security and AppSec: Streamlined DevSecOps From App to Infra

DevSecOps, Secure the Cloud

Infrastructure as Code Security and AppSec: Streamlined DevSecOps From App ...

Learn how to get streamlined DevSecOps when you consolidate AppSec and infrastructure as code security.

Nov 15, 2022

9 Essential Infrastructure Security Considerations for Kubernetes

DevSecOps, Secure the Cloud

9 Essential Infrastructure Security Considerations for Kubernetes

Learn 9 security best practices to keep in mind while building out your Kubernetes architecture with Infrastructure as Code (IaC).

Oct 20, 2022

AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers

Cloud Computing, DevSecOps

AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers

Get tips for leveraging infrastructure as code to maintain cohesive application and infrastructure security for your cloud-native teams.

Sep 28, 2022

Blogs by Chris Tozzi

Sort By:

6 DevSecOps Metrics for DevOps and Security Teams to Share

DevSecOps

6 DevSecOps Metrics for DevOps and Security Teams to Share

Here’s a primer on which types of goals security and DevOps can pursue collectively, and which metrics they can use to measure their shared progress.

Nov 06, 2020

How To Prevent the 5 Most Common Software Supply Chain Weaknesses

DevSecOps, Secure the Cloud

How To Prevent the 5 Most Common Software Supply Chain Weaknesses

Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.

Jun 13, 2023

Infrastructure as Code Security and AppSec: Streamlined DevSecOps From App to Infra

DevSecOps, Secure the Cloud

Infrastructure as Code Security and AppSec: Streamlined DevSecOps From App ...

Learn how to get streamlined DevSecOps when you consolidate AppSec and infrastructure as code security.

Nov 15, 2022

Avoiding the Pitfalls of the Shared Responsibility Model for Cloud Security

Cloud Workload Protection Platform

Avoiding the Pitfalls of the Shared Responsibility Model for Cloud Security

Exploring the shared responsibility model for cloud security, what it means for different service models, and how to navigate its complexities.

Sep 24, 2020

AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers

Cloud Computing, DevSecOps

AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers

Get tips for leveraging infrastructure as code to maintain cohesive application and infrastructure security for your cloud-native teams.

Sep 28, 2022