August 2, 2019 bestdevops DevOps Leave a comment

Why Security And DevOps Must Coexist

Source: I recently had the pleasure of moderating a lively discussion with security leaders at the SINET Innovation Summit 2019 in New York. The conversation explored one central question: Can security and DevOps coexist? DevOps is a well-adopted practice that fosters an agile relationship between development and IT operations by advocating better communication and collaboration between these two business units. Every organization represented on the panel (including two of the largest financial services companies) have mature DevOps programs with security baked into their

July 27, 2019 bestdevops DevOps Leave a comment

The DevSecOps Journey: Achieving Security at Speed and Scale

Source: securityboulevard.com Before DevOps dramatically transformed the application development process, a typical application development scenario went like this: Application developers created their application, system or code and spun up their accompanying server, and then submitted an access request or firewall configuration change to the security team, which would then take weeks to complete. Developers were used to working on a six-month release cycle, so the long lead time between submitting a request to the security team and having that request

July 18, 2019 bestdevops DevOps Leave a comment

How to Move Security Up the DevOps Priority List

Source:- securityboulevard.com If you are in the information security business like me, you have probably improved your frequent flyer status recently. Indeed, May-June are when most industry events occur. Like birds, we fly when spring arrives. In this blog, I’ll share some thoughts based on conversations I had during my own journeys, including those at the global OWASP conference in Tel Aviv, Israel. The audience was mostly split between developers and researchers, and then me, supposedly the only marketing guy within

July 18, 2019 bestdevops DevOps Leave a comment

Networking: The DevOps Community Deserves Better

Source:- Developers of cloud-native applications are at the heart of a process of radical transformation shaking up the business world. Without them, enterprises everywhere would be stuck with the same cumbersome tools and processes they’ve been relying on for years. Using DevOps methodologies, software-as-a-service (SaaS) players are bringing a level of agility to the game that is all about freeing enterprises from the shackles of the old, pre-cloud days and letting them take advantage of new opportunities at light speed.

July 17, 2019 bestdevops AWS Leave a comment

PERSISTENT COOKIES CAN PROVE TROUBLESOME FOR AWS

Source:-duo.com For both attackers and penetration testers, phishing has been a go-to move for about two decades and it continues to work quite well today. It’s a reliable way to harvest users’ credentials for all sorts of apps and services, including cloud platforms, and a researcher has discovered that some cookies used for authentication on Amazon Web Services remain valid even after the victim has changed the password and logged out of the account. That means that an attacker who

July 13, 2019 bestdevops AWS Leave a comment

AWS Adds to Container Services Lineup

Source:- containerjournal.com Amazon Web Services (AWS) this week expanded its campaign to become the primary destination for deploying containers by making available Amazon CloudWatch Container Insights in preview. Announced at its AWS Summit event in New York, Amazon CloudWatch Container Insights is the second container service announcement made by AWS this week. AWS earlier announced the general availability of AWS Fluent Bit, which enables container logs to be routed to the AWS CloudWatch management service or through the AWS Kinesis

July 13, 2019 bestdevops Azure Leave a comment

Microsoft Azure partners get new tool, migration program

Source:- searchitchannel.techtarget.com Microsoft has uncorked a series of announcements on the eve of Microsoft Inspire, many of them focused on Microsoft Azure management and migration; more news from the week. John Moore and Spencer Smith 12 Jul 2019 Microsoft Azure partners are getting a new management tool and a migration program as part of channel investments Microsoft revealed in the run-up to the company’s annual partner conference. Microsoft introduced Azure Lighthouse, which the company said gives partners “a single control plane”

July 12, 2019 bestdevops IT Training Leave a comment

It’s great to move to a DevOps approach – but have you told anyone else?

Source:- cloudcomputing-news.net One of the key inhibitors to progress in DevOps is internal communication – or the lack of it – according to a new survey. The report, from Trend Micro, polled 1,310 IT decision makers across enterprise and SMB levels and found almost nine in 10 (89%) are lobbying for greater communication between software development and IT security teams. More than three quarters (77%) said developers, security and operations teams needed to be in closer contact. So where is the

July 12, 2019 bestdevops Kubernetes Leave a comment

The Pros and Cons of Kubernetes for HPC

Source:- hpcwire.com To Kube or not to Kube?” That is the question now active in the HPC community. If you work in IT, the rise of Kubernetes (K8s) has been hard to miss. Just five years after its initial release, Kubernetes has emerged as the new darling of open source, enjoying popularity and adoption second only to Linux. At the time of this writing, Kubernetes boasts over 80,000 code commits by approximately 2,200 separate developers. 1 A Kubernetes primer For

July 12, 2019 bestdevops Azure Leave a comment

Microsoft launches Azure Lighthouse in general availability, updates Azure Migration Program

Source:- venturebeat.com Next week marks the kickoff of Microsoft’s annual Inspire convention in Las Vegas, where the Seattle company reliably announces a slew of enterprise product updates across its portfolio. This year, in addition to Microsoft Teams news and a new AI for Good initiative, it launched Azure Lighthouse in general availability alongside Azure Migration Program enhancements Azure Lighthouse In essence, Azure Lighthouse is a control panel that integrates with portals, IT service management (ITSM) tools, and monitoring tools to let

July 8, 2019 bestdevops Technology Leave a comment

Cloud is changing the data protection landscape: Dell EMC research

Source : – cio.economictimes.indiatimes.com Dell EMC announced the results of the third Global Data Protection Index revealing an increasing growth rate of data of 130% in Indian organizations and an impressive jump in data protection “adopters” of nearly 50 percentage points (48%) since 2016. The research, which surveyed 2,200 IT decision makers from both public and private organizations with 250+ employees across 18 countries and 11 industries, provides a comprehensive understanding of the state of data protection and the maturity of

July 3, 2019 bestdevops DevOps News Leave a comment

How DevOps Teams Can Skill Up on DataOps

Source :- devops.com Probably not. Although it might be comforting to imagine that every company has a dedicated team of data specialists on staff who oversee data operations, the reality is that the vast majority of companies employ no data scientists at all. Only around 6% of large enterprises have data scientists on staff, and virtually no small and medium businesses employ data scientists. What this means is that at most companies, effective data management is the responsibility of any and

July 3, 2019 bestdevops DevOps News Leave a comment

6 Traits That Define DevSecOps

Source :- devops.com How do we define DevSecOps? A combination of DevOps and security is readily apparent, but the philosophy goes much deeper. In a recent eBook, The State of DevSecOps, we asked industry experts to define what DevSecOps meant to them. Below, we’ve condensed their answers into five core attributes. Recent Posts By Bill Doerrfeld When DevOps and Marketing Collide: Insights From Adobe Summit 2019 6 Examples of Digital Transformation at Adobe Summit Keynote DevOps and Retail: Transforming Brick-and-Mortar to

July 3, 2019 bestdevops Docker Leave a comment

Critical Security Flaws Lurk Inside 20% of Docker Container Files

Source :- sdxcentral.com A majority of the most popular Docker container files contain at least one notable security vulnerability, while one in five houses what is considered a critical security flaw, according to research from Kenna Security. The research, compiled by Jerry Gamblin, principle security engineer at the firm, scanned the top 1,000 containers in the Docker Hub. It found that some of the most frequently used containers had more than 100 million pulls, or downloads, and that those containers had

July 2, 2019 bestdevops DevOps Updates Leave a comment

Portable Security Policies: A DevSecOps Primer

Source :- devops.com Protecting critical data and applications is a challenge under any circumstances, but it’s especially daunting when resources reside in the cloud. Most organizations today operate a significant portion of their workloads in the cloud, which adds to the complexity of the security problem—a security team can’t fully control cloud environments but is responsible for securing workloads and applications running there. Cybercriminals are exploiting the situation. They’re becoming more aggressive and ingenious in their efforts, taking advantage of the

July 1, 2019 bestdevops DevOps Leave a comment

DevOps Security Champion: Who, What and Why?

Source :- devops.com In general, DevOps is a process and culture of organizations to get applications out the door faster and with higher quality. To do so, security champions are essential. In DevOps, security champions work as a backup mechanism in various projects and take multiple leadership roles. Security champions make effective decisions and take projects forward while strengthening the best security practices. How do you enable security champions in DevOps? In this article, we will describe four practical ways of

June 20, 2019 bestdevops DevOps Leave a comment

DevSecOps: 4 key considerations for beginners

Source:- enterprisersproject.com With the DevSecOps approach, you shift left to make security a part of software development from the earliest stages. Pay attention to these four areas Security used to be the responsibility of a dedicated team in the last development stage, but with development cycles increasing in number and speed, security practices need to be constantly updated. This has led to the rise of DevSecOps, which emphasizes security within DevOps. Companies need DevSecOps to make sure their initiatives run safely and securely. Without DevSecOps,

June 15, 2019 bestdevops Cloud Computing Leave a comment

4 key data security challenges in cloud computing

Source:- techiexpert.com Cloud Computing is the long unreal vision of computing as a utility, where users can remotely store their info into the cloud on the on-demand high-quality applications and services from a shared pool of configurable computing resources. By info outsourcing, users are eased from the burden of native knowledge storage and maintenance. However, the particular indisputable fact that users did not have physical possession of the preemptively large size of outsourced info makes the data integrity protection includes

June 14, 2019 bestdevops DevOps Leave a comment

The DevOps Security Stack

Source:- devops.com Even though DevOps offers a more efficient and faster way to develop and deploy applications, security remains an issue. On paper, DevOps and cloud-native applications might be more secure than their traditional counterparts, but the reality is not that simple. With the newer, more complex, highly distributed infrastructures common to DevOps come new challenges that need to be identified and addressed. This article walks through those challenges to highlight what it takes to secure a DevOps workflow. I

June 12, 2019 bestdevops Continuous Delivery Leave a comment

Shift Left Without Fear: The Role of Security in Enabling DevOps

Source:- devops.com It’s the age of DevOps, and we all want to shift left, which refers to the idea of performing processes earlier in the CI/CD cycle. That includes security checks and audits. By starting security operations earlier in the delivery pipeline, it becomes easier to find problems, and teams have more time to address them before pushing code into production. The challenge, of course, is building a shift-left security operation that allows you to perform security operations early without

« 1 2 3 4 5 6 7 »