Thoughts on Security in the Modern Software Supply Chain with Caroline Wong and Paula Thrasher

Caroline Wong and Paula Thrasher at DOES 2017

Caroline Wong, Vice President at, Paula Thrasher, Director Digital Services, CSRA,
and I were having lunch at DevOps Enterprise Summit when the conversation took an interesting turn. Paula and Caroline had been on a panel the previous day and didn’t get a chance to do a deep dive into any of the topics.

As we were talking at lunch, I realized i was a good opportunity to give them a chance to talk with each other on government vs public software security, about how the OWASP Top 10 might best be used and to they have discovered as common security patterns in their large scale projects.

Have a listen…

About Caroline Wong
I am a strategic leader with strong communications skills, cybersecurity knowledge, and experience delivering global programs. My close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. I have been featured as an Influencer in the Women in IT Security issue of SC Magazine, named as one of the Top 10 Women in Cloud by CloudNOW, and received a Women of Influence Award in the One to Watch category from the Executive Women’s Forum. I authored the popular textbook Security Metrics: A Beginner’s Guide.

About Paula Thrasher
Paula Thrasher has 20+ years experience in IT and has spent the last 15 years trying to implement Agile culture in the federal government. Paula’s first Agile project was in 2001, since then she has led over 15 programs and projects as an Agile developer, technical lead, Scrum master, or Agile coach. Her teams have helped two separate federal agencies migrate applications to Amazon AWS GovCloud, and done some other amazing DevOps ninja work along the way. Paula is a proud Carnegie Mellon University alumna with a B.S. in Statistics, is a Certified Scrum Master (CSM) and a Project Management Professional (PMP), but prefers learning new things through experience and working with smart people.

The following two tabs change content below.

Mark Miller

Senior Storyteller and Community Advocate at Sonatype
Mark Miller is Senior Storyteller and DevOps Advocate for TheNEXUS. His expertise is in the creation and growth of online communities. Mark is Executive Producer of the OWASP 24/7 Podcast Series and is co-producer of the world's largest online DevOps conference, All Day DevOps. You can follow him on Twitter: @AllDayDevOps. You can also find him as the moderator of the LinkedIn DevOps Group.

Related posts