Kosli is a tool for DevOps teams who want to ship lots of changes AND stay in compliance with regulation. DevOps teams in industries like banking, healthcare, and automotive tell us that gathering evidence for compliance with standards relies on a lot of processes that are manual, unreliable, and slow everything down. So, if you’re struggling to stay on top of how your software changes - especially when it comes to audit, compliance, security, and incident response why not try Kosli for FREE

• 🙌  Check out Kosli's site!

• 💻  Connect with me on LinkedIn

• 🐦  Let's talk more on Twitter

• 📫  How to reach us info@kosli.com

• 👨‍💻 Read more about our Co-Founders Mike Long James Logan

Welcome to the Kosli blog, where we talk all about DevOps, automation, continuous compliance and change management. Stay up to date with the latest news, updates and ch-ch-changes 🤓

🐦 Twitter 💻 LinkedIn 🖥️ kosli.com

• [Succeeding with Backstage 2: Building and Maintaining Custom Plugins](https://www.kosli.com/blog/kosli-changelog-october-2023/

• Succeeding with Backstage 1: Customizing the Look and Feel of Backstage

• Kosli Changelog - October 2023

• Implementing Backstage 3: Integrating with Existing Tools Using Plugins

• Implementing Backstage 6: Deploying Backstage on Kubernetes

• Implementing Backstage 5: Using the Kubernetes Plugin in Backstage

• Implementing Backstage 4: Security and Compliance

• What Is Continuous Security Monitoring Software?

• Implementing Backstage 2: Using the Core Features

• Implementing Backstage 1: Getting Started

• What is an SBOM and do you REALLY need it?

• Kosli - A Flight Data Recorder for your Runtime Environments

• Kosli Changelog - April 2023

• How to prove your SDLC is being followed for compliance with medical standards like IEC 62304

• Kosli Changelog - July 2023

• Ace your way through painless audits with Kosli's Evidence Vault

• From Monitoring to Action - Get Faster Incident Response with Change Forensics

• Kosli Changelog - June 2023

• How to record events in your CI pipelines with Kosli Flows

• Data Tampering: A Comprehensive Guide

• Terraform Import: What It Is and How to Use It

• CRLF Injection, Explained: An In-Depth Guide

• Kosli Changelog - May 2023

• This $80m Banking Incident shows that Change Controls don't work

• The Dark Side of DevSecOps and the case for Governance Engineering

• Authentication Failures: Definition, Consequences, and Prevention

• How to Use Ansible Copy Module: An In-Depth Guide

• Command Injection: A Guide to Types, Risks, and Prevention

• What Is Broken-Access Control? Examples and Prevention

• Docker Secrets: An Introductory Guide with Examples

• The Benefits and Challenges of Building an SBOM

• The Code Story podcast - how to deliver software with Continuous Compliance and Kosli

• Kosli Changelog - September 2023

• Evaluating Backstage 1: Why Backstage?

• Evaluating Backstage 2: How Backstage Works

• Evaluating Backstage 3: Backstage vs. Competitors

• How to Track and Enforce Snyk Scans Across Your Production Environments

• Kosli Changelog - August 2023

• Stay on top of every change with Kosli Notifications

• How to record a business process with Kosli’s Audit Trail

• Staying Ahead of Threats with Continuous Security Monitoring Tools for DevOps

• The DevOps Security and Compliance Guide

• How to Provision Your AWS Lambda Function Using Terraform

• Kosli Changelog - March 2023

• How to achieve FedRAMP compliance with Continuous Monitoring and NIST 800-137 and NIST 800-37

• How to Use the AWS Lambda Function in Python

• DevSecOps: The Broken or Blurred Lines of Defense

• How to create and manage functions in Lambda with AWS CLI

• How to run your Python Flask server inside a readonly Docker container

• Kosli Changelog - February 2023

• How to strangle old code using Python decorators

• A Deep Dive into fmt Printf in Golang

• What is AWS Lambda? An Introduction and Guide with Examples

• How to Publish Your Golang Binaries with Goreleaser

• Docker Inspect Explained: The Essential Guide

• Help, we’re doing ISO27001! Why, what, and how?

• Regulations v DevSecOps: Requiem

• Inside Investments Unlimited with John Willis

• Understanding Golang Command Line Arguments

• Kosli Changelog - January 2023

• Knight Capital - A story about DevOps Automated Governance

• A short history of the software bill of materials (SBOM)

• How to Use Kubernetes Namespaces: A Guide with Examples

• Cybersecurity regulation and the software supply chain

• The Misunderstood Troll - A story about collaboration, communication and visibility in a regulated software organizations

• How to Configure CLI Tools in Standard Formats with Viper in Golang

• Get Python test coverage faster without killing your server

• How to Securely Create, Edit, and Update Your Kubernetes Secrets

• Understanding Your Kubernetes Deployment Lifecycle—A Guide with Examples

• Kosli Changelog - December 2022

• Looking back on 2022: Kosli wrap-up

• 10 books you need to read if you’re building a developer tool company

• Why I joined Kosli - a story about DevOps and modern governance

• Understanding Kubernetes Events: A Guide

• Kosli Changelog - November 2022

• “Did I break prod?” Part 2. Introducing the Kosli Search command

• The Ultimate Guide to git blame: A How To with Examples

• Git Blame in VS Code: The 4 Best Options

• What's going on at Kosli?

• How to define your software process using the DevOpsCTL Framework

• Docker Tags Demystified: A Guide With Examples

• Does the GitOps emperor have no clothes?

• DevOps Compliance Agency (DCA) investigating The DevOps Enterprise Summit in Las vegas

• Review: Investments Unlimited - A Novel about DevOps, Security, Audit Compliance, and Thriving in the Digital Age

• Git and the benefits and challenges of everything-as-code

• Tracking changes for your Amazon S3 and Lambda functions with Kosli

• “Did I break prod?😰” The day I realized Kosli would’ve known the answer

• Why developers need a DevOps database

• Merkely is now Kosli!

• How to do Continuous Delivery in your ITIL framework?

• Continuous Compliance: A DevOps culture

• Why ITIL Change Management doesn’t work for DevOps teams

• Visma Tech Talk with Kosli's Mike Long - DevOps: The Beginning of Infinity

• How are Docker digests calculated and are they mutable?

• How Merkely automates Change Management for Kubernetes workloads

• My experience of working remotely with our customers

• 5 reasons why your CI system is a terrible Compliance System of Record

• How to design a DevOps Compliance System of Record

• How regulated teams can avoid the DevOps Lite trap with DevOps Change Management

• How to secure your software supply chain with Artifact Binary Provenance

• Merkely 2021 - Making friends with change

• 8 reasons why we do ensemble programming

• My first week at Merkely - Meet, mobbing, and more!

• It's 2021! Why does Change Management still suck?

• We're hiring! 2 x Sales Development Reps (SDRs)

• NDC Techtown - Testing as an equal 1st class citizen (to coding)

• DevOpsDays Oslo - 16th Nov 2021

• DevOps Engineer in Customer Success and Developer Relations 🚀

• DevOpsCon: Munich & Online. Making friends with change

• What does it mean to deliver software with Continuous Compliance?

• The Jan Bosch Interview: The Future for Technology Companies

• The Jan Bosch Interview: Software Innovation in Embedded and Regulated Systems

• The Jan Bosch Interview: Industry and Academia

• How to automate a secure chain of custody across your pipelines in 5 steps

• We're heading to DevOps Con Berlin!

• DevOps and the future of Change Management

• Is faster actually safer? How software physics beats human psychology

• What the FCA found when analyzing 1 million production changes

• How To Release Compliant Software on Demand

• How to Ensure Software Provenance. Just like Google

• Introducing Continuous Compliance with Merkely

• Building a Fintech with DevOps DNA

• ComplianceDB becomes Merkely🚀

• Frontend Developer 🚀

• Using Git for a compliance audit trail