November 29, 2018 Bittu K DevOps Leave a comment

3 Tips to Build A DevSecOps Organization

Source- devops.com For organizations undergoing digital transformation today, modernizing the existing environment can present serious challenges when it comes to security. Whether you’re dealing with a transition from legacy to cloud or hybrid models, or shifting from ITIL and waterfall methodologies to DevOps, the increasing number of technologies and complexity mean you need to rethink your security posture. The traditional approach to security—that is, a static strategy that largely involves patching on piecemeal measures at the 11th hour—is simply not a

October 22, 2018 Bittu K Continuous Deployment, Continuous Integration Leave a comment

DevSecOps: Focus training on 3 key areas

Source- enterprisersproject.com DevOps, with its fast and frequent release cycles, is the new environment that organizations need to contend with in order to stay competitive in the market. It is especially challenging when security considerations come into play since developers don’t often have secure coding expertise and since security practices traditionally stall release cycles. Despite its necessity, establishing a DevSecOps environment in an organization is no simple feat; it is a complicated, multi-layered process, and much of its success relies on the reinforcement of strong

October 12, 2018 Bittu K Cloud Computing Leave a comment

Pentagon Cloud Computing Deal Could Give Amazon Monopoly

Source- investors.com Good news for Amazon.com employees is not necessarily good news for everyone else. For example, consider the announcement that Amazon.com will now pay at least $15 per hour. That may be great for current employees, but it’s bad for any smaller companies that hope to compete with Amazon on price. Amazon has a history of cutting prices to dominate a developing space, then using its massive market power to block others from even entering. That’s why it opposed internet sales taxes for

October 5, 2018 Bittu K DevOps Leave a comment

Bridging the priority gap between IT and security in DevOps

Source- betanews.com Let’s start with a test. Suppose that you manage a corporate network gateway across which a critical programmed transaction is scheduled to occur in exactly one hour. Suppose further that the firewall protecting this gateway is functionally misbehaving and will almost certainly block any programmed activity with your transaction partner. This is a serious concern because your boss has reinforced to you several times the importance of this planned transaction. Your team continues to work the technical problem,

October 4, 2018 Bittu K DevOps, Software Leave a comment

Putting Security on Par with DevOps

Source- darkreading.com DevSecOps: It’s not a very friendly acronym. It reeks of techno-babble, sounds a little military, and resists a consumer connection. But think again. This is a vital discipline that’s directly relevant to every enterprise and every individual, particularly within cloud infrastructures, and has long deserved greater attention. Maybe that’s why we’re now seeing greater research and more discussion devoted to the subject. But what’s really at stake here? And what needs to happen next? First, let’s understand the

October 1, 2018 Bittu K DevOps, DevOps Best Practices Leave a comment

5 Reasons DevOps And Security Need To Work Together

Source- forbes.com There is nothing like speeding up your business processes and development cycles is there? DevOps has revolutionized the way businesses meet the constantly evolving needs of their customers, without sacrificing productivity. Even as good as it sounds, it can still come at a price if DevOps and security are not working together. With the speed at which new iterations are released, it can be tough for security to keep up. In fact, 68 per cent of cybersecurity professionals are demanded

September 20, 2018 Bittu K Continuous Delivery, Continuous Integration, DevOps Leave a comment

Google Cloud rolls out security feature for container images

Source- zdnet.com Google on Wednesday announced a new feature for developers in the early stages of the continuous integration and continuous delivery (CI/CD) process. All container images built using Cloud Build, Google’s fully-managed CI/CD platform, will now be automatically scanned for OS package vulnerabilities. The Container Registry vulnerability scanning feature is currently in beta. The cloud is disrupting traditional operating models for IT departments and entire organizations. The images will be scanned for vulnerabilities when they’re pushed to Container Registry

August 28, 2017 Bittu K Continuous Delivery, Continuous Integration, DevOps Leave a comment

Integrating security into DevOps

Source – networksasia.net Many developers today find themselves working in a DevOps (“development and operations”) setup in which an agile relationship exists between development and IT operations, with close communication and collaboration between these business units. DevOps brings many advantages such as releasing features and fix bugs faster using Agile methodologies, CI/CD processes, and open source tools. However, traditional security activities can’t seem to keep up with this fast-paced tempo. How can you make sure security doesn’t get left behind? The

August 14, 2017 Bittu K Cloud Computing, DevOps Leave a comment

Cyber Exposure : The Next Frontier for Security

Source – cso.com.au The stakes have never been higher when it comes to cybersecurity. Global cyber attacks such as the recent WannaCry ransomware attack is a sobering reminder that cybersecurity is the existential threat of this generation. A new report from Lloyd’s of London estimates a serious cyber attack could cost the global economy more than US $120 billion – as much as catastrophic natural disasters such as Hurricane Katrina and Sandy. According to the report, the most likely scenario is

August 12, 2017 Bittu K Agile, DevOps Leave a comment

DevOps and Security: Fighting factions or fabulous friends?

Source – cbronline.com DevOps processes focus on being agile, ahead of the game and able to deliver innovative software quickly and efficiently. Traditional software security processes prioritise thoroughness over agility and are often implemented as blocking gates at the last stages of software delivery. Due to this, these approach are often viewed as being in competition. It doesn’t have to be this way. More and more security breaches are uncovered every week, and it has become vitally important that security and

1 2 3 … 5 »