Security & Development: Better Together

Source – darkreading.com How DevSecOps removes the silos between security and application development teams so that everyone can work together at the same speed. For organizations trying to accelerate their product go-to-market, DevOps has transformed application development. By knocking down the wall between development and operations it’s now possible to release incremental changes more often. The bad news is that security teams are not equipped to move as quickly, and are falling behind. For security teams looking for best practices to

Read more

Improving Linux Security with DevSecOps

Source – linuxjournal.com Ask people who run IT departments these days what keeps them up at night, and they’ll probably tell you it’s security—or the lack of it. With the explosive growth of malicious attacks on everything from hospitals to Fortune 500s, security—not hardware, software and even staff—is what currently makes life miserable. That’s why organizations of all sizes are looking to change fundamentally how they do security. It’s no longer a single team’s job to make sure systems are secure

Read more

DevOps Tips and Inspiration: Metrics

Source- Electric-cloud.com Our Continuous Discussions (#c9d9) video podcast – now in its 4th year! – has hosted hundreds (yes, literally) of experts from the DevOps community, who get together every other Tuesday to share their experience and expertise around a wide range of topics related to modern software delivery. In our 70+ episodes so far, we’ve featured some of the biggest DevOps luminaries and technology leaders, who shared their learning, war stories, and tips – around topics such as microservices, containers, continuous

Read more

DevOps shops size up security and compliance as code

Source – techtarget.com IT pros in DevOps shops want compliance and security to be the next things they automate, but people with the right skills are tough to find. AUSTIN — As enterprise IT pros gain experience with DevOps and infrastructure as code, they also begin to assess whether code can help with IT security and compliance problems. Products such as Chef Compliance and InSpec are on the minds of DevOps pros at ChefConf here this week. InSpec is an open

Read more

13 benefits you will get by using Test Driven Development

Source – techpatio.com The first thing I do when a tech company says they are Agile, is ask about test driven development and continuous integration. If they don’t do it, in my opinion, they are just not Agile. Today I would like to focus on the benefits of TDD. Over the years I have been listening to different opinions about TDD. People talking about it’s importance and about past experiences, working with a code that was not designed using Test Driven

Read more

Trends in DevOps: Security

Source – news.sys-con.com we’re pretty focused on being involved in the DevOps community by providing perspectives on where we’ve been, where we are and where we’re headed as a community — and of course hearing from the community as well! And, if you follow this blog you probably saw an earlier post recapping our Predictions and Trends in DevOps webinar, which brought together four DevOps thought leaders to give us their perspective on what’s happening in 2017 and beyond. If you haven’t already

Read more

DevOps and SecOps: The Perks of Collaboration

Source – csoonline.com A quick search on the term DevOps shines a very telling light on where people see the value in this practice. Some proponents see DevOps as a faster path to market. Some feel that DevOps encourages faster innovation. Others suggest that entire organizations can literally move faster by virtue of using DevOps for product development. And still others who even think DevOps is TOO fast. Clearly, it’s all about speed, baby. There’s nothing wrong with getting things done

Read more

How DevOps tools can be used to integrate cloud automation

Source – techtarget.com As cloud development and deployment practices move faster and become more agile, security teams have realized that the only effective ways to secure cloud application and system deployments are to develop security controls that integrate into the deployment pipeline, and to automate as much as possible. Many in the security community have dubbed this approach security as code, a take on the infrastructure as code mentality of defining all virtual and cloud-based stack components as configurable elements that are

Read more

5 Simple Strategies for Building Security Into Your DevOps Process

Source – veracode.com Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it’s less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes “whatever work gets done in a sprint and does not bend to security, so you need to bend security to fit Agile.” Likewise, moving from

Read more

12 ways to improve run-time container security

Source – computerworld.com.au There still really aren’t many enterprise run-time security tools for containers available, which has skewed the conversation toward establishing defensive barriers prior to run-time – during the build, integration, and deployment stage. Of course, with rapidly evolving technology like containers, it can be all too easy to overlook the most basic security concerns, so, really, any focus at all is welcome. Efforts pointing out the security advantages of digitally signing container images at build time, and scanning them

Read more
1 11 12 13 14 15