New Pattern: SP-028 Secure DevOps Pipeline
Every CI/CD pipeline is an automated pathway to production. Every automated pathway to production is a potential attack vector. SP-028 addresses the security architecture that sits between these two truths.
Updates, insights, and commentary from the OSA community. Tracking the evolution of security architecture since 2008.
A busy week for OSA. We've shipped a completely new icon library, added PCI DSS v4.0.1 compliance mappings, and have some exciting news about what's coming next.
After 17 years of serving the security architecture community, Open Security Architecture has a new home.
One of the OSA team has kindly spent some time updating the CMS template, and modernising the look. It's a holding pattern but it means the site stays supported a bit longer, while we figure out some new content.
Quick update. It has been a long time since the core team provided any significant updates for OSA. We are still interested in developing the ideas in this project and have been discussing moving to a modern platform and workflow.
OSA has an updated template and new CMS thanks to Chris. We have plans for a secure data centre pattern shortly, and will be refreshing the site structure and content in the coming months. Stay tuned.
Just read a great article on Ars Technica covering a 1970 DoD analysis of computer system vulnerabilities...
Just to let you know that we are still alive and this project has not died. We have some new ideas to reinvigorate...
We are still here (thanks to those of you who've written to check). However, the core team have been busy on other projects (and their day jobs), which all in all has meant slow progress.
We've added a new icon to the 13_02 set for an upcoming PCI pattern. We now have a White Hat to represent an ethical 'hacker' (I place it in quotes as the term originally meant a computer user who hacked together code quickly to achieve a given objective, and has somewhat changed meaning in recent years), a.k.a. Pen Tester.