Hi Everyone! It's been almost twelve weeks since I left my last job and started a sabbatical with the goals of relaxing and refreshing, sorting out all of the topics I've been curious about in my DevSecOps career, and learning more about the areas that interest me so that I can decide what to do next in my career. Having spent over four years at GitLab, where the platform offering spans the entire software development lifecycle, a broad set of topics and technological challenges have piqued my interest. I have decided to start this website and blog series so that as I explore, process, and learn, I can share what I have learned with others.
I spent the first few months traveling and decompressing, and capturing thoughts in voice notes as ideas emerged while I was getting lost in nature. I had great adventures with friends and my dogs.
 |  |
 |  |
A few main areas of interest have emerged, and I will be publishing a series of blog posts related to each category:
Software development metrics - what metrics make best sense to measure to drive optimal outcomes of delivering high quality, secure, high value features quickly, how to (and not to) use metrics to drive continuous improvement and steer the organization, and what data to use to calculate each metric
Application security - exploring practices and tooling outside of just "code scanning" - I'm taking a Cloud Native Application Security self-paced training through Practical DevSecOps and learning so much about the biggest risk factors in application security. I'm also exploring offerings of different application security posture management (ASPM) applications, and digging deeper on effective dependency management to reduce vulnerabilities, including distroless container images or other hardened images like Chainguard, registry options such as Harbor, and tools available for managing and auto-updating dependencies to reduce risks of vulnerabilities
Customer success and churn prevention - given my broad experience in both pre- and post-sales roles at B2B subscription-based tech companies over the past 15+ years, let's just say I have a lot of thoughts on this topic that have taken me quite awhile to sort out
I'm really excited to share my learnings! Stay tuned for the first blogs to drop soon.
Comments