Thursday, July 19, 2018

Consider cross-trained mentors

I am glad Carla picked my Mentoring quote for this article. I myself have seen the benefits of being a mentee and a Mentor.

Sunday, July 15, 2018

My articles on Synopsys Blog

Sharing a common link which has all the articles I have written for Synopsys on CI/CD, DevSecOps and a few other topics I deeply care about.

Common security challenges in CI/CD workflows

What are the common security challenges in CI/CD workflows? I wrote a blog to answers these questions here: … Subscribe to our blog to stay up-to-date with all things #CICD.

Wednesday, June 13, 2018

Research-backed perspectives on the state of DevSecOps.

My article live today on SC Magazine UK edition. Take a look at your leisure - Research-backed perspectives on the state of DevSecOps.

And the link:

Friday, May 11, 2018

How to integrate SAST into the DevSecOps pipeline in 5 simple steps

Time and again, clients have asked me how to integrate SAST tools into their DevSecOps pipeline.  They ask key questions like these: How do I manage false positives? How do I triage the results? What happens to new issues identified? My scan takes 4–5 hours to complete. How can I use this tool in my DevSecOps pipeline? What do you mean by “baseline scan”? Having a decade long experience in deploying Application Security tools helped me to document answers to several of my clients questions. If these are the questions you are asking, and you’re concerned about integrating a SAST tool into your DevSecOps pipeline, read on.

Here is the link of the article on my company's blog.

Wednesday, April 11, 2018

Speaking at DevOpsDaysRox, Denver

Attending @DevOpsDaysRox? Come listen to my presentation "Know Your Enemy, And Yourself: Demystifying Threat Modeling.

Tuesday, April 10, 2018

USA Today Article - Harnessing the Power of Women in Technology

USA Today recently featured three Synopsys engineers, who reflect on their experiences as women in tech and offer advice on carving out success in a male-dominated field. I am honored and humbled to be one of them. Link here:

Tuesday, March 6, 2018


Has continuous security arrived with the rise of rapid development? @TechBeaconCom talks to @synopsys' @MeeraRRao(that's me) about the increased number of orgs using developers to do #SwSec testing. Read more: #Cybersecurity #AppSec

Thursday, February 22, 2018


Here is my story in support of the #MentorHer movement illustrating how two of my Mentors Girish and Kabir encouraged me to dream big and empowered me to achieve my goals. Have a read! #MentorHer

Wednesday, February 14, 2018

Women In DevOps: Meera Subbarao

Women in DevOps, DevOps Queen, Leader in DevOps - lots of new titles. Was a very long tough journey to get here, but well worth it. Hope I can inspire many more women and men alike. Take a look at the interview cloudbees did. #hardworkspays And love the line I said " I hope I have helped break the glass ceiling for women in DevOps."

And here is the link for the article itself: Women in DevOps: Meera Subbarao

Friday, November 24, 2017

Press Commentary to SC Magazine UK

I gave a press commentary earlier this week on web application security, and how the landscape has changed. Davey Winder has used some of my comments in his piece, which went live this morning. The article is called "
OWASP vulnerability chart suggests web app devs are not smelling the security coffee" 

The article link is attached below:

Sunday, October 8, 2017

Friday, September 8, 2017

Search Files and Copy to a Folder

It has been a herculean task creating, updating Visio since I got a Windows Virtual Machine from my company for my Mac. Sharing folders, the virtual machine crashing, copying back and forth, and the numerous folders I had were making things even worse.

So, I decided to keep all windows specific files in one single folder so it would be easy to share those specific folders and manage them. When I did a quick search for Visio files, found out over the years I had created literally 100's of them. You can imagine copying them one by one based on if I even need them or not.

Being a automation queen, I decided to use the same. A simple command run once, search all files and copy them. Hurray. Below is the command if you are looking for something similar.

msubbarao$ find . -name "*.vsd" -type f -exec cp {} /Users/msubbarao/Documents/development/visio-diagrams \;

Once this worked, I used the same for all my powerpoint and went a step ahead. 

Meera:~ msubbarao$ find . -name "*.ppt*" -type f -exec cp {} /Users/msubbarao/Documents/development/presentations \;

Now that I have this in my blog, I can revisit this commands and get anything copied in one simple command. Yay to technology!

Friday, July 7, 2017

Building your DevSecOps pipeline: 5 Essential Activities

Published an article on building your #DevSecOps pipeline: 5 essential activities on my company's blog. Read at your leisure, share your thoughts.

Tuesday, May 23, 2017

Software Test Professionals Fall Conference 2017, September 26 – 29

I will be speaking in the Software Test Professionals Fall Conference 2017, September 26 – 29, held in the DC Metro Area on Risk Based Security Testing. It is a 60 minute session.

 Below is the link to my speaker page.
 Speaker - Meera

And the link to the conference page:

STP Conference

Friday, May 19, 2017

Building security into the DevOps life cycle

A new eBook I wrote for my company has just been published. Download a copy from the company website.

The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build. When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.
This eBook provides actionable insight into:

  •  Building security into your DevOps SDLC 
  • Understanding the relationship between security and quality in the CI/CD pipeline 
  • Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build breaks
Download the eBook from here:

Friday, March 10, 2017

Wednesday, March 8, 2017

#BeBoldForChange on International Women’s Day 2017

And here is the one I wrote for my company Synopsys.

Read at your leisure!


Today is International Women's day. The UN theme for 2017 is Empowering Women: Empowering Humanity #BeBoldForChange. What better way to celebrate it than by writing a blog post about breaking the stereotype messages we hear all the time?

I am bold and strong being a woman.
I am bold and fierce being a Senior Principal Consultant in the Security Consulting world, which is dominated by Men.
I am bold and loving and caring being a Mom, in spite of having missed a few award ceremonies and a few tennis lessons for my Daughter.
I am bold and a loving Wife, and still cry on the shoulders of my amazing Husband.
I am bold and still scared while driving at night, and call my Husband.
I am bold and an amazing cook, but still crave for a plate of food to be handed to me when I return from a long day at work. I enjoy every bite of it when handed to me by none other than a Man my Husband.
I am bold and a woman, and Mentor many men at work.
I am bold and a Hindu, and still believe in the Supreme Lord Krishna.
I am bold and a staunch devote of my beloved Guru who is again a Man.
I am bold and a confident woman, and speak at many events and conferences which is filled by Men.
I am bold and adventurous and travel alone for Work.

Who says that being a woman means doing the stereotypes? I have broken several barriers, and push my Daughter, my Mentees, woman I work with, woman I met in my everyday life to break those barriers, and still be a woman.

To quote from the blog I wrote for my Company with minor changes:

This International Women’s Day, based on the theme I want to challenge women around the world to be brave and bold. Be BRAVE and be BOLD, sign up for new challenges which you have never accomplished. Challenge yourself to break the stereotypes.

I will close this post by a famous quote from our 44th President of the United States Barack Obama “Change will not come if we wait for some other person, or if we wait for some other time. We are the ones we've been waiting for. We are the change that we seek.”