We are thrilled to announce 📢 Kosli is now SOC 2 Type 2 compliant - Read more
New Feature: Kosli Trails is liveCreate comprehensive audit trails for any DevOps activity - Read more
images/blog/kosli-bruce.png

Articles by Bruce Johnston


Why we’ve open sourced our secure SDLC process template

One of the big things we’ve learned since starting Kosli is that engineers often struggle to define an SDLC for compliance purposes. That doesn’t mean they don’t know how to deliver secure, …

DevOps Change Management Resources

The DevOps Change Management Content Hub is a set of resources for modern software teams who struggle to align their DevOps automation with their change management requirements. In our experience, …

A Guide to Continuous Security Monitoring Tools for DevOps

DevOps has accelerated the delivery of software, but it has also made it more difficult to stay on top of compliance issues and security threats. When applications, environments and infrastructure are …

Understanding ISO 27001 Security - and why DevOps teams choose Kosli

Modern software delivery teams find themselves under constant pressure to maintain security and compliance without slowing down the speed of development. This usually means that they have to find a …

Backstage Developer Portal

*Disclaimer: The complete Backstage guide is open sourced on Github and you can suggest changes to the content if you know it needs updates. We continuously review the pull requests and improve the …

The Code Story podcast - how to deliver software with Continuous Compliance and Kosli

How do you “keep the receipts” for your software process? Is it possible to automate change controls and deploy software with Continuous Compliance? Earlier this year, Mike appeared on the CodeStory …

How to prove your SDLC is being followed for compliance with medical standards like IEC 62304

If you’re part of a software engineering team in digital health, medtech, medical devices, Software as a Medical Device (SaMD), etc. you have to comply with regulatory standards. And one of the …

How to achieve compliance with FedRAMP Continuous Monitoring

One of the most common frustrations we hear from CTOs and CISOs is that it’s really hard for them to figure out what they’re supposed to do to achieve software delivery compliance for regulatory …

Docker Inspect Explained: The Essential Guide

These days, it’s hard for a software engineer to go about their work without bumping into a Docker container. But when we bump into one that’s behaving oddly, how do we go about finding …

Ready to ship with more confidence?

Get security and compliance you can trust without slowing down or changing your tools.
Request a demo Start for free
Auditor and Kosli user

Got a question about Kosli?

We’re here to help, our customers range from larges fintechs, medtechs and regulated business all looking to streamline their DevOps audit trails

Contact us