DevOps is being adopted across regulated industries, but old ITIL approaches to change management still create unnecessary lead times and risks. Fortunately, you don’t have to fall into the DevOps Lite trap with 20th century change management.
In Merkely, we use Artifact Binary Provenance as the foundation for our audit trails. Artifact Binary Provenance is a fancy term, but the idea behind it is really quite simple. All it means is that we can identify the software we have running in production.
At Merkely we do as much of our work as possible in a group setting, especially (but not limited to) programming. In our experience most tech teams don’t do this and we think they’re missing out on all kinds of advantages that come from working as an ensemble.
In this short video, Mike Long, our Co-founder and CEO, explains how teams delivering software in regulated industries can achieve CI/CD using CC = Continuous Compliance. If you deliver software in a regulated environment you’ll be familiar with change management processes.
Imagine you’re a Fintech CTO 🤓 with several teams and tens of microservices. Do you know what’s currently running in prod? How about yesterday? A week ago? Last month? And if you do know what’s in prod, do you also know how it got there?
In this blog we’ll explain how to automate the change and release compliance in a Secure Software Development Lifecycle. Merkely is new technology that enables teams in regulated industries, like fintech, to release compliant software on demand.
Google has always been a leader when it comes to security culture, and google’s approach to managing a secure development lifecycle is no exception. This article introduces Google’s Binary Authorization for Borg (BAB), and will show you how you can implement the same binary authorization system to ensure that production software and configuration deployed in your organization is properly reviewed and authorized.
In this article we introduce new technology that allows you to automate the change and release compliance in a Secure Software Development Lifecycle. It’s called Merkely, a DevOps Change Collaboration tool for teams in regulated industries.
Merkely is a DevOps change management platform for storing a record of compliance controls. It helps financial institutions, medical device manufacturers, automotive and other mission-critical development teams to prove conformance to their software process.