What is devsecops and why should your business care?

Source – techcentral.ie Although tacking on another three letters to the already heavily abbreviated ‘devops’ has the uncomfortable aura of word soup, ‘devsecops’ is a logical, essential continuation of the devops mindset. Devops is loosely defined as the process of breaking down silos within organisations so that developer and operations teams are working side by side, and using automation wherever possible, with the aim of working towards common goals and releasing better, more stable software at speed. Bringing security into that

Read more

10 tough Jenkins interview questions and answers for DevOps engineers

Source – theserverside.com To be a full stack developer or a DevOps engineer, you need to know CI/CD. It is an absolute requirement. If you’re applying for a new technical position and want to be prepared, here are 10 tough Jenkins interview questions and answers for DevOps engineers that employers often ask. Jenkins interview questions strategies A good strategy to use to apply to this set of tough Jenkins interview questions and answers for DevOps professionals is to first read through each

Read more

DevSecOps: How to conquer 3 big culture challenges

Source – enterprisersproject.com Just about any DevOps shop will hit speed bumps on the path toward continuous learning and improvement. “Organizations are increasingly adopting DevOps environments in hopes of achieving transformative velocity and innovation,” says Elizabeth Lawler, VP of DevOps security at CyberArk. “But like any new business initiative, this comes with challenges – and in the case of DevOps, it’s often around culture and areas of responsibility.” Even issues that seem technical in nature are often rooted in people. Take security: It’s as

Read more

Agencies Should Look Beyond DevOps to DevSecOps

Source – meritalk.com As Federal agencies adopt DevOps practices to shorten development cycles and increase deployment frequency, security must be interwoven into every aspect of the process from design, through coding, testing, release, and operation. DevOps, a moniker that is a combination of development and operations, is now morphing into DevSecOps as organizations and security professionals rethink how they develop, manage, and secure applications. A primary goal of DevSecOps is to break down barriers and open collaboration between development, security, and

Read more

Back to the Future: Stick to the Fundamentals for DevOps Security

Source – tripwire.com In early August, I will be leading a couple of sessions at the Community College Cyber Summit about cybersecurity fundamentals. I’ve also been spending time working with my amazing colleagues here at Tripwire on a really cool new offering for DevOps pipelines – Tripwire for DevOps. Spending so much time going back and forth from “back to basics” and “the future of development” had me thinking that securing DevOps is really Back to the Future. There have been a number of great posts about

Read more

How the new developer culture dictates development security

Source – sdtimes.com The 24×7 digital economy is requiring many organizations to release apps and application updates on a near-continuous basis in order to keep up with increasing customer demand—or face being left in the dust by competitors. Developer teams have their hands full trying to deliver functional, feature-rich updates on time. In this hyper-competitive environment, security is often too easy to deprioritize when faced with the pressure to get an app out the door. The rising trend of breaches from

Read more

DevSecOps: 3 ways to bring developers, security together

Source – enterprisersproject.com Applications are the heart of the digital business, with code central to the infrastructure that powers it. In order to stay ahead of the digital curve, organizations must move fast and deploy code quickly, which unfortunately is often at odds with stability and security. With this in mind, where and how can security fit into the DevOps toolchain? And, in doing so, how can we create a path for successfully deterring threats? As DevOps continues along its path

Read more

DevOps Experience: Learn a Lot without Leaving Your Spot

Source – devops.com The great thing about conferences is they can be hotbeds of learning: keynote presentations, seminars, one-on-one sessions, networking … the list goes on. The drawback, however, is the travel: delayed flights, the dreaded middle seat on the airplane, lost luggage, jet lag … the list goes on. That’s why virtual conferences are now my first choice: All the of the learning, none of the hassle. MediaOps—the company behind DevOps.com, Container Journal, Security Boulevard, DevOpsTV and more—and CA Technologies

Read more

DevOps Security: 3 Privileged Access Management Best Practices

Source – devops.com The tremendous upside of DevOps practices and tools are enough to keep organizations pressing forward at all costs. But when sloppy use of DevOps toolchains cause breaches, more than half the time it comes down to poor protection of privileged accounts. According to a recent study by security vendor Beyond Trust, 52 percent of IT practitioners say that overprivileged users are at the root of DevOps and other next-generation technology-caused breaches. If organizations are going to reap the biggest benefits

Read more

GitLab 11.1 devops tool improves security controls

Source – infoworld.com GitLab, a DevOps platform based on the Git software version control system, gains increased visibility into security with its Version 11.1 release, as well as other enhancements. The new security dashboard reports on the latest security status of each project’s default branch. Security teams can determine if something is wrong and take actions if needed. The dashboard can be used to dismiss false positives or create issues to solve vulnerabilities. Teams can also adjust the criticality weight of vulnerabilities. The security

Read more
1 2 3 8