Secdevops or devsecops or devops next-generation (NG) – What is your take on devops?

Source – csoonline.com I recently had the opportunity to attend and present at the Advanced Technology Academic Research Center (ATARC) Devops Summit last month. There was, as expected given the topic, a huge turn-out of US federal, commercial and public-sector participants looking to learn, connect and share lessons from adopting and implementing devops in their organizations. A key moment at the summit conference was an informal survey of over 200 participants by Tom Suder, the President of ATARC. Tom pulsed the

Read more

DevOps Today: What Does It Mean to You?

Source – informationweek.com DevOps is moving forward. Is your organization coming along for the ride? As DevOps becomes ever more widely respected and adopted, the fundamental concepts driving the approach are rapidly evolving and improving for the better. The latest DevOps iteration is BizDevSecOps, which aims to introduce a “whole company” approach to deriving business value from IT. “One of the best aspects of DevOps is really its bringing of Lean and Agile principles together, so it’s a continuous improvement process,”

Read more

Sonatype Nexus Named Best Open Source DevOps Tool

Source – globenewswire.com Sonatype, the leader in open source governance and DevSecOps automation is proud to announce that Nexus Repository has been named Best Open Source DevOps Tool by Computing at the DevOps Excellence Awards 2018. The distinction was announced on March 21 in London at the DevOps Excellence Awards gala where Computing recognized outstanding achievements from organizations, personalities and solutions operating within the DevOps space. “Nexus Repository has become a defacto standard within DevOps toolchains worldwide and is simply the

Read more

DevSecOps Needs Less Hype, More Adoption in 2018

Source – scmagazine.com “Development, operations and security are fundamentally intertwined. A well-designed, developed and managed system is the foundation of a secure system. DevOps must evolve to a new vision (that) balances the need for speed and agility of enterprise IT capabilities with the enterprise need to protect critical assets, applications and services.” Gartner analyst Neil MacDonald wrote those words back in 2012 when he and colleague Cameron Haight introduced the concept of DevSecOps – the seamless integration of security experts,

Read more

Firms need to move from DevOps to DevSecOps, says expert

Source – computerweekly.com DevOps delivers proven benefits in terms of business agility, but it can also create new security risks and revive old ones, according to a DevOps specialist. Risk is the result of organisations failing to train or develop staff adequately to implement best practice in security, said Elizabeth Lawler, vice-president of DevOps security at CyberArk. “This failure leaves organisations vulnerable to both internal and external threats,” she told Computer Weekly. At a time when managing their security portfolio effectively

Read more

DevSecOps tools maturing, much to the relief of DevOps developers

Source – theserverside.com Ensuring the software an enterprise deploys is secure and ensuring that there are no software vulnerabilities in the applications an organization produces have always been an inexact science. But in this age of DevOps, more pressure than ever is being placed upon the shoulders of the typical software developer, creating a need for DevSecOps tools that will reduce the DevOps developer’s burden. Low-level, programmatic security has always been a software developer’s responsibility, but best practices have always demanded

Read more

6 DevSecOps best practices: Automate early and often

Source – techbeacon.com Organizations that want to integrate security into their DevOps pipelines should adopt tools and practices that unite application development, IT operations, and security teams under a common DevSecOps rubric. The goal is to make security part of the software development workflow, rather than bolting it on later in the cycle, as has been the case with waterfall development models. This shift is upending traditional notions of how, when, and where security controls should be integrated into software, and

Read more

A complete beginner’s guide to blending DevOps and security

Source – techtarget.com DevOps can be daunting enough for those brand-new to it. And it becomes even trickier when you begin to add security into the mix. If you want to build out your DevOps and security programs in order to improve your application security initiatives, vulnerability testing and verification have to be baked into your day-to-day processes. The DevOps/DevSecOps approach allows for security to be introduced earlier in the software development lifecycle. Instead of performing security checks once the code is

Read more

From DevOps to DevSecOps: Structuring Communication for Better Security

Source – darkreading.com A solid approach to change management can help prevent problems downstream. Security has long been considered an afterthought in the software development process, with ad hoc measures typically tacked on just before release. This approach is no longer adequate in sustaining today’s expectations for rapid and reliable service. DevSecOps is emerging as a superior way to integrate security throughout the DevOps cycles, using better intelligence, situational awareness, and enhanced collaboration. It entails a solid approach to change management,

Read more

How cybersecurity will evolve to become part of DevOps

Source – securitybrief.asia DevOps has been breaking down business siloes and improving efficiency, but it’s time those principles were brought to cybersecurity initiatives, according to Palo Alto Networks. DevOps relies on the idea that teams should automate the tasks involved in deploying, securing, maintaining, and phasing out the processes that IT and security teams have done manually in the past. This lets DevOps teams to deliver applications and support services faster. DevSecOps is about making security principles integral to the DevOps

Read more
1 2 3 9