Archive by Author

Road To ALM – Episode 3 Local Credential Scanning

In this episode I’ll show how you can use the CredScan build task to scan multiple repositories at the same time. By running locally on your PC or by using the same mechanism to create a schedule Continuous Assurance Job. Advertisements

Continue reading

Road To ALM – Episode 2 Credential Scanning in the pipeline

In this episode I talk about Credential Scanning in the pipeline. By using the buildtasks that are available on the website http://secdevtools.azurewebsites.net/ you can use the new Microsoft Credential Scanner to find secrets, password, certificates, SAS tokens and PAT’s before they end up in your master branch. I will show how to get the task […]

Continue reading

Road To ALM YouTube Channel

It’s 2019 and I wanted to start something new. So I started a Road To ALM YouTube channel as an addition to this blog. In this channel I will create short, compact videos that cover a subject that interests me. Probably something in the DevOps space. But hey, why write if you can run the […]

Continue reading

Distribute your blessed ARM templates with Universal Packages in Azure DevOps

There is a fine-grained balance between full autonomy of a team and arranging things on a more central level.  One of the things I talk about, when I talk about shifting to Rugged DevOps, is the use of blessed libraries, scripts and templates. As an example, if all your teams write their own logging library, you […]

Continue reading

Where to start with DevOps Metrics?

Now that more and more teams and organizations are moving towards a DevOps way of working, I get asked the question “What should we measure?” a lot. To be very honest, I find this a very hard question. The main reason is that metrics are always a point of discussion and a trigger for behavior […]

Continue reading

Growing your DevOps Mindset

Practicing DevOps successfully requires knowledge on hard skill areas such as continuous delivery and automated testing. But the most important part is creating a culture where people show courage, work on teambuilding, practice DevOps leadership and have a continuous improvement mindset. Developing these soft skills is hard. One of the reasons for that is that […]

Continue reading

VSTS Rest API – Hard to find methods

This post does not have a lot of text, only an introduction. I use the VSTS Rest API quite a lot and the documentation is great, but not everything is documented or hard to find. In this post, I list some snippets that you can use to get even more out of the VSTS Rest […]

Continue reading

Organizing the Global DevOps Bootcamp 2018

This year, on June 16th, 2018, we (Marcel de Vries (Xpirit), Mathias Olausson(Solidify) and me(Xpirit)) organized the second Global DevOps Bootcamp. I did a blogpost on Global DevOps Bootcamp 2017 earlier. This year we wanted to do it again and of course we aimed to make it a bit bigger. In 2017 we had 30 […]

Continue reading

In a perfect world Devs do not need Ops

Originally posted at: https://xpirit.com/2018/04/06/in-a-perfect-world-devs-do-not-need-ops/ Together with my colleague Geert van der Cruijsen I wrote this article on DevOps and how Ops should be changed. This is an introduction to the Open Source library we are creating on Azure Security as Code. Purpose of this library is to maintain all Azure settings in code instead of […]

Continue reading

Secure or Compliant? That is the question!

Compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that organizations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws, polices, and regulations. (source: https://en.wikipedia.org/wiki/Regulatory_compliance) Within many organizations, compliance is a commonly used […]

Continue reading