Secure Coding: The Rise of SecDevOps

Source:- databreachtoday.com For too long, ensuring that code is securely written – and bug free – has been a business afterthought. But there’s been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode. DevOps – a truncation of software development and IT operations – incorporates aspects of agile development, including short sprints – perhaps just two weeks in length – that

Read more

Docker Introduces Secrets Management

Source:- crn.com Docker’s latest update helps enterprise customers protect their secrets. An update released Thursday for Docker Datacenter, the container-tech pioneer’s commercial offering, implements a container-native framework for controlling access to sensitive information like API keys, encryption keys and passwords, along with a security scanning feature that can detect vulnerabilities and bugs. The new feature for managing access-control secrets, architected to facilitate large container deployments, can deliver those protected pieces of information to specific, authorized containers in a cluster. Secrets

Read more

Top 10 Ways To Achieve Agile Security

Source:- itbusinessnet.com Between 2017 and 2021, worldwide spending on cybersecurity will top $1 trillion, according to Cybersecurity Ventures. From new threat vectors within networks to the barrage of cyberattacks due to the move to the cloud, CIOs and CISOs have more to consider around cybersecurity than ever before. Cloud has brought benefits such as agility, scalability, and cost savings to business. Unfortunately, more often than not, security can’t keep up. Many businesses have witnessed the benefits of cloud firsthand. To enable

Read more

5 ways to align security with your DevOps strategy

Source:- techbeacon.com In 2016, DevOps reached a tipping point. Half of all organizations surveyed indicated that they are actively using it as a model for releasing and maintaining custom applications, according to the Gartner Research note DevSecOps: How to Seamlessly Integrate Security Into DevOps, September, 2016. Yet, about 80 percent of those organizations surveyed expressed concerns that information security policies and teams are preventing them from achieving the level of agility that DevOps promises. Development, operations and security all want

Read more

Why security is the top issue for DevOps teams in 2017

Source:- itworldcanada.com Security, not speed, is shaping up to be the top issue for DevOps teams in 2017, a new survey suggests. According to the 2017 State of the Application Delivery Report by F5 Networks Inc., security is the number one priority among 2,000 IT, networking, application and security professionals surveyed worldwide. “Security teams are expanding beyond traditional firewalls and the legacy enterprise perimeter as a response to hackers increasingly targeting the application,” the report states. Those same security concerns

Read more

Report: 111 billion lines of code will have to be secured this year

Source:- sdtimes.com As new pieces of software are being written every day, the threat of malicious hacking continues to grow. According to a new report, there will be about 111 billion lines of new software code created this year, and with them will come billions of software vulnerabilities. “Applications have become inviting targets for malicious actors, but securing those programs has proven to be challenging to both security teams and developers,” according to the report. “Too often, key vulnerabilities get

Read more

Code Development Still not Seeing Security Involvement

Source:- infosecurity-magazine.com Code development should have security built in from the start to avoid headaches further along the line, and tools and processes exist to make this possible. Speaking at the Checkmarx “Shift Left” conference in central London, security researcher Troy Hunt said that it is hard to put numbers on security of code, and it is hard to look at code once it is written and determine if it is good or bad, but if it is bad, it

Read more

7 Reasons Why Containers are a Natural Fit for DevOps Teams

Source – eweek.com Containers Boost Data and Application Security One of the key benefits of containers is their ability to isolate application code and even whole infrastructure stacks at will. Using containers, ops teams can set up namespaces to keep test and production environments separate, even if they share the same kernel. Containers also ensure that only designated users have access to their contents, providing ops teams with complete control of their architecture. As 2017 takes shape, containers’ popularity continues to

Read more

Improve your DevOps security game with Ansible Vault

Source – opensource.com   You may have your DevOps efforts orchestration nailed down, but you should make improving the operational maturity of such implementations an ongoing effort. One tool I use is Red Hat’s Ansible, which is fantastic for orchestration and configuration management. The low barrier to entry and simplicity of Ansible are why so many people that start using it learn to love it. One feature in Ansible that developers should use more often is Ansible Vault. According to its documentation, the

Read more

DevOps and Security: Divided we fall

Source – vmblog.com Tufin 2017 Predictions: DevOps and Security – Divided We Fall VMblog Predictions 2017 Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive. Contributed by Reuven Harrison, CTO, Tufin DevOps and Security: Divided we fall The DevOps movement is picking up speed as an increasing number of organizations realize the many benefits of the DevOps process. Built on the principles of faster software development, collaboration and innovation, why wouldn’t an

Read more
1 3 4 5 6