Accelerate DevOps by Automating Security

Source – searchaws.techtarget.com DevOps teams are under enormous pressure to accelerate development cycles and improve quality assurance. We live in a world where IT consumerization is a fact of life and speed to market is not just an enormous competitive differentiator but an absolute necessity. This is why DevOps teams are embracing modern initiatives such as agile development, containers and microservices. Demands for speed and accuracy—along with the potential for cost savings—are also driving DevOps’ growing reliance on cloud services: DevOps

June 29, 2017 bestdevops Cloud Computing, DevOps Leave a comment

Continuous monitoring in the cloud: Two steps to make it a reality

Source – searchcloudsecurity.techtarget.com When automating and orchestrating security controls for DevOps deployment pipelines, security teams need to secure source code and build processes and promotions to cloud environments. Once systems and applications are running in the cloud, security teams also need to ensure a continuous monitoring feedback loop is in place for all the assets running in cloud provider environments. This has caused a number of issues for many organizations due to the lack of tool maturity or availability for performing monitoring,

June 21, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Why runtime application self-protection is critical for app security

Source – appdevelopermagazine.com Today most of us go about implementing security from the outside in. The common practice is to start by defining a perimeter and trying to defend it with various security tools. Even though perimeters have been porous for more than a decade, we still can’t give up this notion that if we build a better wall we can keep our enterprises safer. Certainly that is where most enterprises are spending their security budgets. Gartner estimates we spend more

June 20, 2017 bestdevops Continuous Integration, DevOps Leave a comment

Automated Testing: Remember Security

Source – devops.com Between continuous integration (CI) and release automation (RA), we’ve come a long way in making testing both integral and automated. This testing has allowed QA staff and developers to spend more time adding value by looking at problem areas instead of running tests by hand. Shops that have CI well-integrated into their application processes and are using test driven development (TDD) claim they have improved both time to deployment and code quality. But we’re still struggling to get

June 15, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Security and Development Teams Collaborate on Apps

Source – infosecurity-magazine.com Security teams and developers are more aligned and capable of taking a collaborative approach than many in the industry believe, according to a new study from Veracode. The application security vendor, recently acquired by CA Technologies, polled 400 IT professionals in the UK, US and Germany to better understand the relationship between the two functions. There’s a common perception that developers and security professionals are fundamentally at odds: the former prioritizing features and time-to-market and the latter focused

June 9, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Application Security Report Calls Out Problems in Mobile, IoT Devices and DevOps

Source – securityintelligence.com Vulnerabilities in mobile backends, web interfaces to the Internet of Things (IoT) and negligent DevOps practitioners are among the fastest growing application security threats, according to a report released at the InfoSecurity Europe conference in London this week. What’s the Problem? Research from High-Tech Bridge, a Swiss company that also operates in the U.S., said 83 percent of web service and application programming interfaces (APIs) used in apps for retail, banking and other markets could fall prey to

June 3, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Security & Development: Better Together

Source – darkreading.com How DevSecOps removes the silos between security and application development teams so that everyone can work together at the same speed. For organizations trying to accelerate their product go-to-market, DevOps has transformed application development. By knocking down the wall between development and operations it’s now possible to release incremental changes more often. The bad news is that security teams are not equipped to move as quickly, and are falling behind. For security teams looking for best practices to

June 2, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Improving Linux Security with DevSecOps

Source – linuxjournal.com Ask people who run IT departments these days what keeps them up at night, and they’ll probably tell you it’s security—or the lack of it. With the explosive growth of malicious attacks on everything from hospitals to Fortune 500s, security—not hardware, software and even staff—is what currently makes life miserable. That’s why organizations of all sizes are looking to change fundamentally how they do security. It’s no longer a single team’s job to make sure systems are secure

May 27, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

DevOps Tips and Inspiration: Metrics

Source- Electric-cloud.com Our Continuous Discussions (#c9d9) video podcast – now in its 4th year! – has hosted hundreds (yes, literally) of experts from the DevOps community, who get together every other Tuesday to share their experience and expertise around a wide range of topics related to modern software delivery. In our 70+ episodes so far, we’ve featured some of the biggest DevOps luminaries and technology leaders, who shared their learning, war stories, and tips – around topics such as microservices, containers, continuous

May 25, 2017 bestdevops DevOps, DevOps News Leave a comment

DevOps shops size up security and compliance as code

Source – techtarget.com IT pros in DevOps shops want compliance and security to be the next things they automate, but people with the right skills are tough to find. AUSTIN — As enterprise IT pros gain experience with DevOps and infrastructure as code, they also begin to assess whether code can help with IT security and compliance problems. Products such as Chef Compliance and InSpec are on the minds of DevOps pros at ChefConf here this week. InSpec is an open

May 20, 2017 bestdevops DevOps, Test Driven Development Leave a comment

13 benefits you will get by using Test Driven Development

Source – techpatio.com The first thing I do when a tech company says they are Agile, is ask about test driven development and continuous integration. If they don’t do it, in my opinion, they are just not Agile. Today I would like to focus on the benefits of TDD. Over the years I have been listening to different opinions about TDD. People talking about it’s importance and about past experiences, working with a code that was not designed using Test Driven

May 20, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

Trends in DevOps: Security

Source – news.sys-con.com we’re pretty focused on being involved in the DevOps community by providing perspectives on where we’ve been, where we are and where we’re headed as a community — and of course hearing from the community as well! And, if you follow this blog you probably saw an earlier post recapping our Predictions and Trends in DevOps webinar, which brought together four DevOps thought leaders to give us their perspective on what’s happening in 2017 and beyond. If you haven’t already

May 19, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

DevOps and SecOps: The Perks of Collaboration

Source – csoonline.com A quick search on the term DevOps shines a very telling light on where people see the value in this practice. Some proponents see DevOps as a faster path to market. Some feel that DevOps encourages faster innovation. Others suggest that entire organizations can literally move faster by virtue of using DevOps for product development. And still others who even think DevOps is TOO fast. Clearly, it’s all about speed, baby. There’s nothing wrong with getting things done

May 18, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

How DevOps tools can be used to integrate cloud automation

Source – techtarget.com As cloud development and deployment practices move faster and become more agile, security teams have realized that the only effective ways to secure cloud application and system deployments are to develop security controls that integrate into the deployment pipeline, and to automate as much as possible. Many in the security community have dubbed this approach security as code, a take on the infrastructure as code mentality of defining all virtual and cloud-based stack components as configurable elements that are

May 18, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

5 Simple Strategies for Building Security Into Your DevOps Process

Source – veracode.com Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it’s less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes “whatever work gets done in a sprint and does not bend to security, so you need to bend security to fit Agile.” Likewise, moving from

May 16, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

12 ways to improve run-time container security

Source – computerworld.com.au There still really aren’t many enterprise run-time security tools for containers available, which has skewed the conversation toward establishing defensive barriers prior to run-time – during the build, integration, and deployment stage. Of course, with rapidly evolving technology like containers, it can be all too easy to overlook the most basic security concerns, so, really, any focus at all is welcome. Efforts pointing out the security advantages of digitally signing container images at build time, and scanning them

May 13, 2017 bestdevops DevOps, DevOps Best Practices, IT trends Leave a comment

DevOps, Security, Hybrid IT: Priorities of successful IT pros

Source – enterprisersproject.com Consider how much the role of the IT professional has changed during the last 10 years. As traditional, siloed IT roles — such as network administrators, storage administrators, systems administrators, and database administrators — continue to include new responsibilities, IT professionals can no longer get by as specialists. These days, they’re are expected to be implementing new technologies and trends, inlcuding containers, serverless architecture, and IoT, while working with cloud service providers. They’re acting as liaisons to business leaders. On top of all that,

May 8, 2017 bestdevops DevOps, DevOps Best Practices, IT trends Leave a comment

IT security sucks: Here’s why (and how to fix it)

Source – itbusinessnet.com The rise of cybercrime across the globe has proven that traditional criminals are finding new ways to attack: Physical access to the goods is no longer required, now the basic requirements are internet connectivity, an intellect capable of operating tools built by someone else, and a pronounced lack of scruples. While the modern workforce is familiar with buzzwords like cyber crime and black hat, only 38 percent of organizations surveyed for ISACA’s “2015 Global Cybersecurity Status Report” claimed

May 4, 2017 bestdevops DevOps, IT trends Leave a comment

3 steps to secure, open source DevOps

Source – opensource.com Nobody really writes their own code anymore, right? We go out to GitHub, download some libraries, avoid recreating unnecessary wheels, and package those wheels together along with our own glue to create new software. Then we download a half dozen front-end frameworks to make it all pretty and responsive and we’re off the races. In my review of apps, both in my company and others, I’ve found that more than 90% of the code that makes up an

May 3, 2017 bestdevops DevOps, DevOps Process, DevOps Updates Leave a comment

DevSecOps: Paradigm shifts are messy, but someone’s got to take the lead

Source:- infoworld.com A perfect storm of factors brewing in the dev, ops, and security worlds have created a window of opportunity to embed security into the application delivery lifecycle, in a needle-moving kind of way. However, security teams need to be the ones driving the DevSecOps charge or that needle will barely wobble. Given how many security practitioners spend their days putting out fires, adding “DevSecOps evangelist” to their job description is more likely to elicit groans than spur the desire

« 1 … 12 13 14 15 »