Friday, November 24, 2017

Press Commentary to SC Magazine UK

I gave a press commentary earlier this week on web application security, and how the landscape has changed. Davey Winder has used some of my comments in his piece, which went live this morning. The article is called "
OWASP vulnerability chart suggests web app devs are not smelling the security coffee" 

The article link is attached below:

https://www.scmagazineuk.com/owasp-vulnerability-chart-suggests-web-app-devs-are-not-smelling-the-security-coffee/article/709470/

Sunday, October 8, 2017

Building application security in from start to finish - SD Times Article

I was interviewed by SD times website. Attached is the link for the interview posted on October 1st 2017.

http://sdtimes.com/building-application-security-start-finish/

Friday, September 8, 2017

Search Files and Copy to a Folder

It has been a herculean task creating, updating Visio since I got a Windows Virtual Machine from my company for my Mac. Sharing folders, the virtual machine crashing, copying back and forth, and the numerous folders I had were making things even worse.

So, I decided to keep all windows specific files in one single folder so it would be easy to share those specific folders and manage them. When I did a quick search for Visio files, found out over the years I had created literally 100's of them. You can imagine copying them one by one based on if I even need them or not.

Being a automation queen, I decided to use the same. A simple command run once, search all files and copy them. Hurray. Below is the command if you are looking for something similar.


msubbarao$ find . -name "*.vsd" -type f -exec cp {} /Users/msubbarao/Documents/development/visio-diagrams \;

Once this worked, I used the same for all my powerpoint and went a step ahead. 

Meera:~ msubbarao$ find . -name "*.ppt*" -type f -exec cp {} /Users/msubbarao/Documents/development/presentations \;

Now that I have this in my blog, I can revisit this commands and get anything copied in one simple command. Yay to technology!

Friday, July 7, 2017

Building your DevSecOps pipeline: 5 Essential Activities



Published an article on building your #DevSecOps pipeline: 5 essential activities http://bit.ly/2tWJU1G on my company's blog. Read at your leisure, share your thoughts.

Tuesday, May 23, 2017

Software Test Professionals Fall Conference 2017, September 26 – 29

I will be speaking in the Software Test Professionals Fall Conference 2017, September 26 – 29, held in the DC Metro Area on Risk Based Security Testing. It is a 60 minute session.

 Below is the link to my speaker page.
 Speaker - Meera

And the link to the conference page:

STP Conference

Friday, May 19, 2017

Building security into the DevOps life cycle

A new eBook I wrote for my company has just been published. Download a copy from the company website.



The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build. When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.
This eBook provides actionable insight into:

  •  Building security into your DevOps SDLC 
  • Understanding the relationship between security and quality in the CI/CD pipeline 
  • Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build breaks
Download the eBook from here:

Friday, March 10, 2017

New Apache Struts 2 Zero-Day Vulnerability: What You Need to Know

Synopsys just published an article about the critical Struts 2 vulnerability. Read to know how to mitigate the same.

https://blogs.synopsys.com/software-integrity/2017/03/10/apache-struts2-zero-day-vulnerability/

Wednesday, March 8, 2017

#BeBoldForChange on International Women’s Day 2017

And here is the one I wrote for my company Synopsys.

https://blogs.synopsys.com/software-integrity/2017/03/08/beboldforchange-international-womens-day-2017/

Read at your leisure!

#BeBoldForChange

Today is International Women's day. The UN theme for 2017 is Empowering Women: Empowering Humanity #BeBoldForChange. What better way to celebrate it than by writing a blog post about breaking the stereotype messages we hear all the time?

I am bold and strong being a woman.
I am bold and fierce being a Senior Principal Consultant in the Security Consulting world, which is dominated by Men.
I am bold and loving and caring being a Mom, in spite of having missed a few award ceremonies and a few tennis lessons for my Daughter.
I am bold and a loving Wife, and still cry on the shoulders of my amazing Husband.
I am bold and still scared while driving at night, and call my Husband.
I am bold and an amazing cook, but still crave for a plate of food to be handed to me when I return from a long day at work. I enjoy every bite of it when handed to me by none other than a Man my Husband.
I am bold and a woman, and Mentor many men at work.
I am bold and a Hindu, and still believe in the Supreme Lord Krishna.
I am bold and a staunch devote of my beloved Guru who is again a Man.
I am bold and a confident woman, and speak at many events and conferences which is filled by Men.
I am bold and adventurous and travel alone for Work.

Who says that being a woman means doing the stereotypes? I have broken several barriers, and push my Daughter, my Mentees, woman I work with, woman I met in my everyday life to break those barriers, and still be a woman.

To quote from the blog I wrote for my Company with minor changes:

This International Women’s Day, based on the theme I want to challenge women around the world to be brave and bold. Be BRAVE and be BOLD, sign up for new challenges which you have never accomplished. Challenge yourself to break the stereotypes.

I will close this post by a famous quote from our 44th President of the United States Barack Obama “Change will not come if we wait for some other person, or if we wait for some other time. We are the ones we've been waiting for. We are the change that we seek.” 

-->

Monday, March 6, 2017

Speaking at We RISE Women in Tech Conference

My talk has been selected for We RISE Women in Tech Conference. The conference is on June 23rd Friday and June 24th Saturday at Atlanta, GA 30303.

You can find details about the conference and the venue at the link below:

We Rise Women in Tech Conference