Resources for DevOps Pros to Learn About Security

Source:- threatstack.com These days, security should be part of everyone’s job. This is especially true for DevOps teams, which are responsible for developing, delivering, and maintaining critical applications for many organizations, and must therefore prioritize security as part of their role. But the world of security can seem like a bit of a mystery until you’ve been exposed to it. If you or someone on your team is looking to learn more about what it takes to run a secure

Read more

DevOps success factors: Culture, APIs and security

Source:- zdnet.com As little as a decade ago, software was shipped in a CD-ROM to a storefront, purchased, and likely abandoned after the user’s initial installation. Today, code is shipped via the internet, meaning that continuous software updates are not only achievable, but expected, whether it’s for desktop, mobile, or browser-based applications. In an age where competitive advantage requires fast time to market, high service levels, and relentless experimentation, enterprises that cannot continuously deliver improvements risk losing in the marketplace.

Read more

Three Lessons From Test-Driven Development

Source:- securityintelligence.com In 1999, Kent Beck’s “Extreme Programming Explained: Embrace Change,” became an inspiration for rethinking the way software was developed. Three years later, his “Test-Driven Development: By Example” further elaborated on the need to reconsider the way software is planned, how teams operate and, most importantly, the way software is tested. To date, there are over 170 books on Amazon about test-driven development (TDD). For readers curious about the origins and evolution of the concept, the Agile Alliance posted

Read more

Five security trends to watch in virtualization in 2017

Source:- datacenterdynamics.com Virtual components and environments present a particular challenge when we talk about corporate cyber security. Here are the five trends I believe will define the field of virtualization in 2017: 1. Virtualization security is focusing on integration Considering security solutions for VDI and virtualized servers, I predict that enterprises will pay more attention to the smooth integration between various systems instead of the thorough examination of product features under a microscope. Security solutions that can be integrated into

Read more

7 best practices for securing your cloud service

Source:- networkworld.com As enterprises move their applications and data to the cloud, executives increasingly face the task of balancing the benefits of productivity gains against significant concerns about compliance and security. Security in the cloud is not the same as security in the corporate data center. Different rules and thinking apply when securing an infrastructure over which one has no real physical control. When leveraging cloud services, enterprises need to evaluate several key factors, including: Data encryption capabilities for both

Read more

Secure DevOps: A simple plan to deliver business value

Source:- techbeacon.com DevOps—the movement to break down silos, deliver software faster, and overall create a better experience for customers—is spreading from startups and experimenters to the enterprise. Many security team leads would cringe at the idea of faster development cycles in an IT department that has even less time and patience for standard security checks, but James Wickett, a senior DevOps engineer, sees not just opportunity, but necessity. “Traditional information security is going to die if we don’t respond to

Read more

Three Overlooked Lessons about Container Security

Source:- linux.com I’ve just joined container security specialists Aqua Security and spent a couple of days in Tel Aviv getting to know the team and the product. I’m sure I’m learning things that might be obvious to the seasoned security veteran, but perhaps aren’t so obvious to the rest of us! Here are three aspects I found interesting and hope you will too, even if you’ve never really thought about the security of your containerized deployment before: #1: Email Addresses

Read more

Secure Coding: The Rise of SecDevOps

Source:- databreachtoday.com For too long, ensuring that code is securely written – and bug free – has been a business afterthought. But there’s been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode. DevOps – a truncation of software development and IT operations – incorporates aspects of agile development, including short sprints – perhaps just two weeks in length – that

Read more

Docker Introduces Secrets Management

Source:- crn.com Docker’s latest update helps enterprise customers protect their secrets. An update released Thursday for Docker Datacenter, the container-tech pioneer’s commercial offering, implements a container-native framework for controlling access to sensitive information like API keys, encryption keys and passwords, along with a security scanning feature that can detect vulnerabilities and bugs. The new feature for managing access-control secrets, architected to facilitate large container deployments, can deliver those protected pieces of information to specific, authorized containers in a cluster. Secrets

Read more

Top 10 Ways To Achieve Agile Security

Source:- itbusinessnet.com Between 2017 and 2021, worldwide spending on cybersecurity will top $1 trillion, according to Cybersecurity Ventures. From new threat vectors within networks to the barrage of cyberattacks due to the move to the cloud, CIOs and CISOs have more to consider around cybersecurity than ever before. Cloud has brought benefits such as agility, scalability, and cost savings to business. Unfortunately, more often than not, security can’t keep up. Many businesses have witnessed the benefits of cloud firsthand. To enable

Read more
1 3 4 5 6