Are You Protecting Your DevOps Software ‘Factory’?

Source – darkreading.com A new study out today shows that DevSecOps could stand to use a healthier dose of OpSec, as many DevOps tools are left exposed on the public Internet with little to no security controls. So much of the education about the intersection of DevOps and security focuses on application security testing and secure development practices. But DevSecOps is about more than just securing the software product itself. It’s also crucial to protect the “factory” that produces those applications — namely,

April 30, 2018 bestdevops Cloud Computing, DevOps Leave a comment

Redefining firewalls for the cloud generation

Source – networksasia.net Cloud computing has become the new normal in IT, especially with public cloud functionality growing tremendously in 2017, and is still advancing. “2017 took us well into the cloud generation, and as we look at 2018, it will become more critical than ever for organizations to understand public cloud environments in order to keep workloads and applications secure,” said Tim Jefferson, VP of Public Cloud at Barracuda Networks. Spurred by this trend, more attackers will be drawn to explore

April 28, 2018 bestdevops DevOps Leave a comment

Bridge the DevSecOps Experience Divide with Cross-Functional Teams

Source – devops.com Last week’s DevOps Connect event at RSA Conference offered up a ton of wisdom and real-world examples of the power of DevSecOps. With its best-ever attendance after several years and impressive participation levels, this year’s event stands as a good harbinger for the growing interest that the security community has in vesting itself in the DevOps phenomenon. But there’s still a lot of work to do in helping security professionals shift their mindsets and fully understand what DevSecOps

April 27, 2018 bestdevops Continuous Delivery, Continuous Integration, DevOps Leave a comment

Security In DevOps Is Lagging Despite Advantages And Opportunities, According To New Study by 451 Research And Synopsys

Source – informationsecuritybuzz.com (Nasdaq: SNPS) today released new data that highlights the opportunities and challenges of DevSecOps, an emerging paradigm in which DevOps teams incorporate application security into their continuous integration and continuous delivery (CI/CD) workflows. The 451 Research report commissioned by Synopsys, DevSecOps Realities and Opportunities, analyses survey results from 350 enterprise decision-makers at large enterprises across a variety of industries. The study found that only half of CI/CD workflows include application security testing elements despite respondents citing awareness of the importance

April 27, 2018 bestdevops DevOps, DevOps Best Practices Leave a comment

DevOps and security can coexist with a little planning

Source – techtarget.com “If you’re not thinking about security at all, it’s crazy.” Those words, from Ari Weil, vice president and senior director of industry marketing at Akamai, neatly sum up his frustration with the so-called DevSecOps landscape. Despite well-publicized security breaches, most DevOps teams continue to think about security too late in the process. DevSecOps — with its promise to bake security in from the beginning — could help. But, today, this movement is nascent at best. And while Akamai now offers new

April 26, 2018 bestdevops Continuous Delivery, Continuous Deployment, Continuous Integration, DevOps Leave a comment

Security in DevOps Is Lagging Despite Advantages and Opportunities

Source – bwcio.businessworld.in Synopsys Inc. has released new data that highlights the opportunities and challenges of DevSecOps, an emerging paradigm in which DevOps teams incorporate application security into their continuous integration and continuous delivery (CI/CD) workflows. The 451 Research report commissioned by Synopsys, DevSecOps Realities and Opportunities, analyses survey results from 350 enterprise decision-makers at large enterprises across a variety of industries. The study found that only half of CI/CD workflows include application security testing elements despite respondents citing awareness

April 24, 2018 bestdevops Continuous Delivery, Continuous Deployment, Continuous Integration, DevOps Leave a comment

DevSecOps: How to get your team on board

Source – enterprisersproject.com A funny thing happened as IT embraced DevOps and broke down longstanding silos between teams: Many organizations created new silos in their place, around security. “We found through our research that DevOps and security teams are already operating in silos, and the rush to the cloud is exacerbating this disconnect,” says Pete Cheslock, senior director at Threat Stack. “Teams are increasingly isolated, and they’re facing a steep learning curve.” This is why you’re increasingly hearing the term DevSecOps. You’re forgiven if you’re skeptical

April 3, 2018 bestdevops Continuous Delivery, Continuous Deployment, Continuous Integration, DevOps Leave a comment

Secdevops or devsecops or devops next-generation (NG) – What is your take on devops?

Source – csoonline.com I recently had the opportunity to attend and present at the Advanced Technology Academic Research Center (ATARC) Devops Summit last month. There was, as expected given the topic, a huge turn-out of US federal, commercial and public-sector participants looking to learn, connect and share lessons from adopting and implementing devops in their organizations. A key moment at the summit conference was an informal survey of over 200 participants by Tom Suder, the President of ATARC. Tom pulsed the

March 27, 2018 bestdevops DevOps Leave a comment

DevOps Today: What Does It Mean to You?

Source – informationweek.com DevOps is moving forward. Is your organization coming along for the ride? As DevOps becomes ever more widely respected and adopted, the fundamental concepts driving the approach are rapidly evolving and improving for the better. The latest DevOps iteration is BizDevSecOps, which aims to introduce a “whole company” approach to deriving business value from IT. “One of the best aspects of DevOps is really its bringing of Lean and Agile principles together, so it’s a continuous improvement process,”

March 23, 2018 bestdevops DevOps, DevOps Tools Leave a comment

Sonatype Nexus Named Best Open Source DevOps Tool

Source – globenewswire.com Sonatype, the leader in open source governance and DevSecOps automation is proud to announce that Nexus Repository has been named Best Open Source DevOps Tool by Computing at the DevOps Excellence Awards 2018. The distinction was announced on March 21 in London at the DevOps Excellence Awards gala where Computing recognized outstanding achievements from organizations, personalities and solutions operating within the DevOps space. “Nexus Repository has become a defacto standard within DevOps toolchains worldwide and is simply the

March 22, 2018 bestdevops DevOps Leave a comment

DevSecOps Needs Less Hype, More Adoption in 2018

Source – scmagazine.com “Development, operations and security are fundamentally intertwined. A well-designed, developed and managed system is the foundation of a secure system. DevOps must evolve to a new vision (that) balances the need for speed and agility of enterprise IT capabilities with the enterprise need to protect critical assets, applications and services.” Gartner analyst Neil MacDonald wrote those words back in 2012 when he and colleague Cameron Haight introduced the concept of DevSecOps – the seamless integration of security experts,

March 21, 2018 bestdevops DevOps Leave a comment

Firms need to move from DevOps to DevSecOps, says expert

Source – computerweekly.com DevOps delivers proven benefits in terms of business agility, but it can also create new security risks and revive old ones, according to a DevOps specialist. Risk is the result of organisations failing to train or develop staff adequately to implement best practice in security, said Elizabeth Lawler, vice-president of DevOps security at CyberArk. “This failure leaves organisations vulnerable to both internal and external threats,” she told Computer Weekly. At a time when managing their security portfolio effectively

March 16, 2018 bestdevops Cloud Computing, DevOps Leave a comment

DevSecOps tools maturing, much to the relief of DevOps developers

Source – theserverside.com Ensuring the software an enterprise deploys is secure and ensuring that there are no software vulnerabilities in the applications an organization produces have always been an inexact science. But in this age of DevOps, more pressure than ever is being placed upon the shoulders of the typical software developer, creating a need for DevSecOps tools that will reduce the DevOps developer’s burden. Low-level, programmatic security has always been a software developer’s responsibility, but best practices have always demanded

March 16, 2018 bestdevops DevOps Leave a comment

6 DevSecOps best practices: Automate early and often

Source – techbeacon.com Organizations that want to integrate security into their DevOps pipelines should adopt tools and practices that unite application development, IT operations, and security teams under a common DevSecOps rubric. The goal is to make security part of the software development workflow, rather than bolting it on later in the cycle, as has been the case with waterfall development models. This shift is upending traditional notions of how, when, and where security controls should be integrated into software, and

March 8, 2018 bestdevops Cloud Computing, DevOps Leave a comment

A complete beginner’s guide to blending DevOps and security

Source – techtarget.com DevOps can be daunting enough for those brand-new to it. And it becomes even trickier when you begin to add security into the mix. If you want to build out your DevOps and security programs in order to improve your application security initiatives, vulnerability testing and verification have to be baked into your day-to-day processes. The DevOps/DevSecOps approach allows for security to be introduced earlier in the software development lifecycle. Instead of performing security checks once the code is

February 16, 2018 bestdevops DevOps, IT trends Leave a comment

From DevOps to DevSecOps: Structuring Communication for Better Security

Source – darkreading.com A solid approach to change management can help prevent problems downstream. Security has long been considered an afterthought in the software development process, with ad hoc measures typically tacked on just before release. This approach is no longer adequate in sustaining today’s expectations for rapid and reliable service. DevSecOps is emerging as a superior way to integrate security throughout the DevOps cycles, using better intelligence, situational awareness, and enhanced collaboration. It entails a solid approach to change management,

February 15, 2018 bestdevops DevOps Leave a comment

How cybersecurity will evolve to become part of DevOps

Source – securitybrief.asia DevOps has been breaking down business siloes and improving efficiency, but it’s time those principles were brought to cybersecurity initiatives, according to Palo Alto Networks. DevOps relies on the idea that teams should automate the tasks involved in deploying, securing, maintaining, and phasing out the processes that IT and security teams have done manually in the past. This lets DevOps teams to deliver applications and support services faster. DevSecOps is about making security principles integral to the DevOps

January 25, 2018 bestdevops Cloud Computing, DevOps, DevOps Best Practices Leave a comment

What does DevOps do in 2018?

Source – infosecurity-magazine.com In 2018, we’re expecting DevOps to become the new norm for larger enterprise teams. This is because we’re likely to see developers on older, higher value systems implementing a more DevOps centric approach, having seen it work on projects that have traditionally been highly visible, but low value. In big enterprises in the past, DevOps practices have often been tested and trialed on projects which have low business impact. For example, in banking, teams have used DevOps

January 19, 2018 bestdevops DevOps, DevOps Best Practices Leave a comment

10 bad DevOps habits to break

Source – enterprisersproject.com In 2017, more companies than ever before decided to start their DevOps journey. As with anything new, there’s a learning curve: The trick is identifying missteps before they become bad habits, because habits can be hard to break. As you refine your DevOps strategies for the new year, it’s important to take a critical look back and seek out these troublemakers. These issues may not be obvious – so we asked business leaders and DevOps practitioners to help,

January 18, 2018 bestdevops Continuous Deployment, DevOps Leave a comment

Security Strategies for DevOps, APIs, Containers and Microservices

Source – securityboulevard.com More and more IT professionals see DevSecOps, a practice which integrates security measures earlier in the development process to improve production code quality, as a mainstay for future application development. Much of this stems from the growing trend towards speeding up application development through adopting architectures using DevOps, containers and microservices, as well as supporting automation toolchains and frameworks. This trend presents an opportunity for cybercriminals, who are increasingly turning their attention to security gaps and vulnerabilities in

« 1 … 9 10 11 12 13 … 15 »