SecDevOps: Putting Security at the Heart of DevOps

Source – securityintelligence.com Agility has become an unavoidable necessity in a fast-moving technology environment, but achieving it can be a challenge for organizations and their development teams. The DevOps philosophy provides a road map; following it is not always as easy. Even more crucial than the need to transform the development process is the need to protect against ever more sophisticated threats and attacks. But some organizations are finding that agility and security can go hand in hand. SecDevOps is an

November 8, 2017 bestdevops Continuous Delivery, Continuous Integration, DevOps Leave a comment

Automated risks – secrets of DevOps security exposed

Source – diginomica.com The enterprise cyber- and data security landscape is constantly shifting, with new threats bubbling to the surface. One emerging security vulnerability is the booming DevOps environment. Digital transformation within the organization and the ‘consumerization’ of IT are encouraging many enterprises to bring traditional IT and new product development together under the same management umbrella. DevOps specialists are at the core of this new function. The theory is that they allow the central IT team to support business strategy

October 21, 2017 bestdevops Cloud Computing, DevOps, DevOps Best Practices Leave a comment

DevSecOps is important and here is why

Source – appdevelopermagazine.com In the digital age, securing your development projects against malicious hackers can be quite the challenge. And when you take security and try to scale security to an enterprise, the challenge seems insurmountable. Evident by the frequent hacking incidents we see come through the news. Enter DevSecOps. DevSecOps is a methodology that interweaves the aspects of DevOps and standard security practices. It attempts to prevent vulnerabilities that can occur at every step of the development process, and so,

October 16, 2017 bestdevops Agile, DevOps Leave a comment

Rethinking DevOps as DevSecOps

Source – appdevelopermagazine.com If you’re not already thinking right now that your DevOps teams should be run like a DevSecOps team, you may already be in a world of hurt. Time to wake up! As the adoption of APIs continues to grow, so do the risks to organizations that don’t actively test the security of their solutions. Modern Agile development frameworks have changed the way engineering teams produce products. Under these frameworks, products receive small, frequent updates daily or weekly rather

October 6, 2017 bestdevops DevOps, IT trends Leave a comment

How to Maintain Security when Rolling out DevOps

Source – informationweek.com DevOps may be up and running for your enterprise. Taking the time to integrate security will keep it that way. While DevOps is relatively new to mainstream enterprises, DevSecOps is even newer. And arguably it is just as important. While DevOps is designed to move fast, that can open up vulnerabilities in security that are easily preventable with the right controls. Development and security teams need to understand each other’s goals and requirements. Some might see security professionals as purveyors

September 27, 2017 bestdevops DevOps, IT trends Leave a comment

DevOps evolves into DevSecOps

Source – devopsonline.co.uk According to Computer Weekly, DevOps is evolving into DevSecOps, and new tools are needed to automate IT policy management. In Sentinel, one tool emerged, including an option with enterprise versions of HashiCorp DevOps tools, such as: Consul for service discovery Vault for secrets management Nomad for container scheduling Terraform for infrastructure as code Sentinel offers policy as code features for both security and compliance and HashiCorp seeks to attract DevOps pros, to provide data analytics and financial services to

September 12, 2017 bestdevops DevOps, DevOps Updates, IT trends Leave a comment

DevOps Not A One-Size-Fits-All Strategy: CA

Source – cxotoday.com Many IT departments are siloed between development, operations, support, and management, but companies that are using a DevOps system seek to integrate them all for better productivity and a smoother overall workflow. In an exclusive chat with CXOToday, Abhilash Purushothaman, responsible for the overall DevOps Business across India and SAARC region at CA Technologies, said that the key objective is to bring products to market faster, deliver software and security updates more quickly, and make the entire process more reliable. If you combine

August 21, 2017 bestdevops Continuous Integration, DevOps Leave a comment

DevOps and security: 4 steps to end culture clash

Source – enterprisersproject.com More enterprises are embracing DevOps to improve development agility and speed up the rollout of business applications. However, speed can also increase security risks. Striking the balance between increasing business agility and ensuring information security requires that you integrate the security team into the DevOps methodology. This presents several challenges, including the time and effort required to break down the cultural barriers that separate the security and DevOps roles. Here are four key steps any organization can take to overcome these challenges. We developed these best practices

August 17, 2017 bestdevops Cloud Computing, DevOps, DevOps Best Practices Leave a comment

DevOps security has not caught up

Source – networksasia.net With the world’s fourth-largest internet population, Southeast Asia has in recent years become an attractive target for cybercriminals, their task made simpler by an underdeveloped system of data protection laws and weak adoption of cybersecurity best practices. The pace of innovation and rapid adoption of new technologies such as cloud and DevOps also pose further vulnerabilities for Southeast Asia. DevOps is the future, but organizations are not future-proof While seventy (70) percent state their organization plan to – or

August 16, 2017 bestdevops IT Training Leave a comment

Security teams must embrace DevOps practices or get left behind

Source – techtarget.com All companies, whether they realize it or not, are technology companies. Digital technology is transforming businesses. It is changing how companies operate and how they deliver value to customers. This increased reliance on technology is driven by the desire to bring new products and services to market in a faster, more efficient way to meet customer demand. New technology, including microservices and the public cloud, as well as various DevOpspractices, is now commonly utilized to bring products to market faster. Despite

August 12, 2017 bestdevops Agile, DevOps Leave a comment

DevOps and Security: Fighting factions or fabulous friends?

Source – cbronline.com DevOps processes focus on being agile, ahead of the game and able to deliver innovative software quickly and efficiently. Traditional software security processes prioritise thoroughness over agility and are often implemented as blocking gates at the last stages of software delivery. Due to this, these approach are often viewed as being in competition. It doesn’t have to be this way. More and more security breaches are uncovered every week, and it has become vitally important that security and

August 3, 2017 bestdevops DevOps, DevOps Best Practices, DevOps News Leave a comment

DevOps Security & the Culture of ‘Yes’

Source – darkreading.com I was talking to the CISO of a Fortune 500 healthcare company about how security teams work with their counterparts in other organizations. He lamented that he had recently overheard a peer refer to him derisively as the “C-S-No.” That was painful to hear because it brought into focus one of his most strategic challenges, one that security leaders everywhere are facing. That is, we as an industry haven’t figured out how to remain effective and relevant within

August 1, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

DevOps Security & the Culture of ‘Yes’

July 26, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Opportunity focus: USCIS seeks agile innovation with DevSecOps

Source – bgov.com U.S. Citizenship and Immigration Services (USCIS) is prepping two solicitations for Development, Security and Operations (DevSecOps) services — with the first laying the foundation for the advanced programs requested in the second. DevSecOps, the combination of DevOps and information security, is an agile approach to delivering secure software applications quickly. In the first solicitation, the USCIS Office of Information Technology is looking for a vendor to build and enhance systems in the cloud. Click here to download the request for information. The second solicitation builds on that

June 29, 2017 bestdevops Cloud Computing, DevOps, DevOps Best Practices Leave a comment

Accelerate DevOps by Automating Security

Source – searchaws.techtarget.com DevOps teams are under enormous pressure to accelerate development cycles and improve quality assurance. We live in a world where IT consumerization is a fact of life and speed to market is not just an enormous competitive differentiator but an absolute necessity. This is why DevOps teams are embracing modern initiatives such as agile development, containers and microservices. Demands for speed and accuracy—along with the potential for cost savings—are also driving DevOps’ growing reliance on cloud services: DevOps

June 2, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Improving Linux Security with DevSecOps

Source – linuxjournal.com Ask people who run IT departments these days what keeps them up at night, and they’ll probably tell you it’s security—or the lack of it. With the explosive growth of malicious attacks on everything from hospitals to Fortune 500s, security—not hardware, software and even staff—is what currently makes life miserable. That’s why organizations of all sizes are looking to change fundamentally how they do security. It’s no longer a single team’s job to make sure systems are secure

May 23, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Atlassian spurs DevOps adoption for the enterprise

Source – theserverside.com Software development toolmaker Atlassian is moving to empower large organizations to adopt DevOps despite challenges, such as global scale, deep-rooted silos, disconnected tools and complicated compliance requirements. To help spur DevOps adoption in the enterprise, Atlassian has added new features in its Bitbucket Server and Data Center 5.0 and Bamboo 6.0 products. Bitbucket is a hosting service for source code and development projects that enables developers to collaborate on projects. Bamboo is a continuous integration, deployment and

May 20, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Trends in DevOps: Security

Source – news.sys-con.com we’re pretty focused on being involved in the DevOps community by providing perspectives on where we’ve been, where we are and where we’re headed as a community — and of course hearing from the community as well! And, if you follow this blog you probably saw an earlier post recapping our Predictions and Trends in DevOps webinar, which brought together four DevOps thought leaders to give us their perspective on what’s happening in 2017 and beyond. If you haven’t already

May 3, 2017 bestdevops DevOps, DevOps Process, DevOps Updates Leave a comment

DevSecOps: Paradigm shifts are messy, but someone’s got to take the lead

Source:- infoworld.com A perfect storm of factors brewing in the dev, ops, and security worlds have created a window of opportunity to embed security into the application delivery lifecycle, in a needle-moving kind of way. However, security teams need to be the ones driving the DevSecOps charge or that needle will barely wobble. Given how many security practitioners spend their days putting out fires, adding “DevSecOps evangelist” to their job description is more likely to elicit groans than spur the desire

April 27, 2017 bestdevops DevOps, DevOps Best Practices, Software Leave a comment

DevSecOps, or how to build safer software so much faster

Source – techtarget.com Call it DevSecOps or SecDevOps or security in DevOps, but no matter what you call it your development organization will be tackling it soon. DevOps is hard to do and security is harder. But at a time when security breaches continue to dominate the headlines, there’s no question that security and DevOps need to come together. The only issues are when and how. A recent survey by DevOps software supply chain provider Sonatype found that for every

« 1 2 3 4 5 »