Democracy & DevOps: What Is the Proper Role for Security?

Source – darkreading.com Security experts need a front-row seat in the application development process but not at the expense of the business. With the advent of the cloud and DevOps, the job of implementing security has been dispersed more widely across IT. This has led to significant gains in speed and agility, but it has also created unacceptable risk for the business. For security, the pendulum has swung too far toward democracy. We need to pull it back. It’s easy to

Read more

From DevOps to DevSecOps: Structuring Communication for Better Security

Source – darkreading.com A solid approach to change management can help prevent problems downstream. Security has long been considered an afterthought in the software development process, with ad hoc measures typically tacked on just before release. This approach is no longer adequate in sustaining today’s expectations for rapid and reliable service. DevSecOps is emerging as a superior way to integrate security throughout the DevOps cycles, using better intelligence, situational awareness, and enhanced collaboration. It entails a solid approach to change management,

Read more

Avoid These Common DevOps Pitfalls

Source – itbusinessedge.com Virtually everybody is interested in doing DevOps these days, but more than that, there is tremendous pressure to do DevOps right. After all, the IT landscape is littered with technologies and initiatives that seemed to promise great things but, for one reason or another, failed to deliver. When it comes to DevOps, the concept is solid – faster, more agile, development, lower costs, a better user experience – so the only thing that can really foul it up

Read more

What is DevSecOps? Developing more secure applications

Source – itworld.com The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to automate core security tasks by embedding security controls and processes early in the DevOps workflow (rather than being bolted on at the end). For example, this could be the case when migrating to

Read more

Incorporating security is the next step in the evolution of DevOps

Source – techtarget.com DevOps has been a staple at Actifio Inc. since its founding in 2009. But much like the evolution of DevOps has continued throughout the past eight years, so has the tech company’s version of it. In fact, Actifio has moved into the next iteration: DevSecOps. The company has shifted security testing to a much earlier stage in product development, said Actifio CSO John A. Meyers. It also increased automation and gave developers, solution architects and product managers access

Read more

Common sense DevSecOps tips for developers

Source – jaxenter.com DevSecOps might be the latest in a long line of tech buzzwords, but it’s actually a fairly practical way at promoting secure tech practices while uniting different spheres of production and operations. But getting into a DevSecOps mindset requires serious collaboration to change processes and tech for the better. As DevSecOps is rapidly becoming the preferred approach for organizations, it becomes even more important to take a moment and make sure everything is heading in the right directions.

Read more

Closing the DevOps and database gap

Source – sdtimes.com Security isn’t the only aspect overlooked in a DevOps approach. According to Robert Reeves, co-founder and CTO of Datical, a database automation company, database deployments are often forgotten about. “Pushing out the application is the easy part of DevOps,” he said. “It is managing and automating database changes that is the real challenge.” According to Reeves, the database deployment process is often slow, error-prone, and resource intensive because a lot of companies are still doing it manually; but

Read more

CA ‘Modern Software Factory’ Boosted By DevOps, Automation & Security Updates

Source – silicon.co.uk CA WORLD 2017: CA releases 20 new products and enhancements as it preaches the power of change through software CA has used its CA World conference in Las Vegas to detail new products and enhancements and to reiterate its commitment to help deliver ‘The Modern Software Factory’. CEO Mike Gregoire has pushed the idea since he joined the company five years ago and spoke to customers about the need to marry the concepts of “ideas and execution” by

Read more

With continuous security, SecDevOps deconstructs CI/CD

Source – techtarget.com DevOps has taken the IT world by storm over the last several years. It’s often credited as a way to reduce costs, speed deployments and improve corporate agility. Yet the application lifecycle management process is taking at least some of the blame in the fallout from recent high-profile security breaches. In principle, at least, “DevOps teams that deploy software are responsible for maintaining security by design,” said Craig Lurey, CTO and co-founder of Keeper Security, a Chicago-based security

Read more

GitLab tells us about Auto DevOps

Source – appdevelopermagazine.com As enterprises begin to embrace the benefits of DevOps to improve their application workflow, challenges still exist in the development process that prevent a streamlined workflow between developers and operations. In this interview, Sid Sijbrandij, CEO and co-founder at GitLab, shares insight on the company’s plans to offer an automated approach to DevOps, and shares solutions for enterprises who are interested in adopting DevOps as part of their business strategy. We sat down with Sid Sijbrandij to discuss

Read more
1 2 3 4