Operations | Monitoring | ITSM | DevOps | Cloud

How to prove your SDLC is being followed for compliance with medical standards like IEC 62304

If you’re part of a software engineering team in digital health, medtech, medical devices, Software as a Medical Device (SaMD), etc. you have to comply with regulatory standards. And one of the biggest challenges engineering leads have in this sector is figuring out what they have to do to achieve software delivery compliance.

Kosli - A Flight Data Recorder for your Runtime Environments

Have you ever had to debug an environment and found it hard to understand exactly what had changed? In the worst case scenarios you have to figure this out during high-pressure situations, like when an outage or regression has happened. Digging through platform logs and cloud consoles is a real nightmare, and it’s often futile because the information has disappeared.

What is an SBOM and do you REALLY need it?

Your code base is growing more and more by the minute alongside the apps your business uses and develops. To give some context, the Linux Foundation Report estimated that “Free and Open Source Software (FOSS) constitutes 70-90% of any given piece of modern software solutions”. This means that 70-90% of your final software possibly depends on OSS.

The Benefits and Challenges of Building an SBOM

The EO 14028 regarding supply chain security and the need to generate a Software Bill of Materials feels closer to more and more organizations. It might feel like a threat - and that’s a fair feeling. The whole topic of Billing of Materials is not new, but it is a relatively recent trend for software.

Kosli Changelog - March 2023

Hello, and welcome to the March edition of the changelog. Spring is on her way, days are now longer than nights (at least in the northern hemisphere where me and my Kosli colleagues reside) and new Kosli features are popping up like snowdrops. We have the latest release of the CLI and a bunch of other stuff to share with you, so let’s get right into it.

Help, we're doing ISO! Why, what, and how? Continuous Compliance - Espen & Øyvind - Stacc

Espen Thomassen Sæverud - CTO Stacc & Øyvind Fanebust - Partner - Stacc Help, we’re doing ISO! Why, what, and how? Continuous Compliance Espen & Øyvind have extensive experience in banking and finance with particular expertise in the area of Continuous Compliance. In this talk they will take you on a journey towards ISO certification, discussing challenges and best approaches.

DevSecOps The Broken or Blurred Lines of Defense - John Willis - Kosli

With the modern patterns and practices of DevOps and DevSecOps it’s not clear who the front-line owners are anymore. Today, most organizations' internal audit processes have lots of toil and low efficacy. This is something John has referred to in previous presentations as “Security and Compliance Theater.” Filmed at Exploring DevOps, security, audit compliance and thriving in the digital age in Oslo Dec 8th at Rebel.

Inside Investments Unlimited with co-author John Willis - Distinguished Researcher at Kosli & Author

John Willis - Distinguished Researcher & Author dives into Investments Unlimited the latest novel from IT Revolution. It’s about an investment bank dealing with DevOps, DevSecOps, and IT Risk. John is co-author of this bestseller and he will share the story behind the book, how and why it was created, and the real life lessons it holds for all regulated software organizations.