98% of Companies Favor Integrating Security with DevOps

Source – darkreading.com An overwhelming majority of companies believe an integrated security and DevOps team makes sense, with 98% of survey respondents saying they are either planning to or have launched such an effort, according to a report released today by DigiCert. The survey, which queried 300 US companies with a third of the respondents coming from IT, DevOps, or IT security management, found that 49% of respondents have already completed their DevOps and security integration, while another 49% are working

The changing face of security in the age of the cloud

Source – cloudcomputing-news.net The computing world just keeps on progressing but as we all know with progress comes additional challenges. This is especially true of challenges around security. Every advance in computing has given rise to the same question: “how do we secure this new toy?” When client/server architecture was all the rage in the late 1990s there was great excitement about the advantages it brought about but also a concern for the security implications of distributed clients and centralised servers.

DevOps is failing these three tenets of privacy compliance

Source – sdtimes.com If you’re like many organizations with data security concerns, you probably believe your automated tests are sufficient to catch any potential security or privacy vulnerabilities. The scenario is familiar: You’re streaming data from multiple sources into your SIEM systems, and you’ve configured triggers for the reporting process. You keep a close eye on results from automated tests on software running in production. All of your monitoring tools indicate your code is running flawlessly and there are zero errors.

Continuous monitoring in the cloud: Two steps to make it a reality

Source – searchcloudsecurity.techtarget.com When automating and orchestrating security controls for DevOps deployment pipelines, security teams need to secure source code and build processes and promotions to cloud environments. Once systems and applications are running in the cloud, security teams also need to ensure a continuous monitoring feedback loop is in place for all the assets running in cloud provider environments. This has caused a number of issues for many organizations due to the lack of tool maturity or availability for performing monitoring,

Why runtime application self-protection is critical for app security

Source – appdevelopermagazine.com Today most of us go about implementing security from the outside in. The common practice is to start by defining a perimeter and trying to defend it with various security tools. Even though perimeters have been porous for more than a decade, we still can’t give up this notion that if we build a better wall we can keep our enterprises safer. Certainly that is where most enterprises are spending their security budgets. Gartner estimates we spend more

Automated Testing: Remember Security

Source – devops.com Between continuous integration (CI) and release automation (RA), we’ve come a long way in making testing both integral and automated. This testing has allowed QA staff and developers to spend more time adding value by looking at problem areas instead of running tests by hand. Shops that have CI well-integrated into their application processes and are using test driven development (TDD) claim they have improved both time to deployment and code quality. But we’re still struggling to get

Security and Development Teams Collaborate on Apps

Source – infosecurity-magazine.com Security teams and developers are more aligned and capable of taking a collaborative approach than many in the industry believe, according to a new study from Veracode. The application security vendor, recently acquired by CA Technologies, polled 400 IT professionals in the UK, US and Germany to better understand the relationship between the two functions. There’s a common perception that developers and security professionals are fundamentally at odds: the former prioritizing features and time-to-market and the latter focused

Security & Development: Better Together

Source – darkreading.com How DevSecOps removes the silos between security and application development teams so that everyone can work together at the same speed. For organizations trying to accelerate their product go-to-market, DevOps has transformed application development. By knocking down the wall between development and operations it’s now possible to release incremental changes more often. The bad news is that security teams are not equipped to move as quickly, and are falling behind. For security teams looking for best practices to

DevOps shops size up security and compliance as code

Source – techtarget.com IT pros in DevOps shops want compliance and security to be the next things they automate, but people with the right skills are tough to find. AUSTIN — As enterprise IT pros gain experience with DevOps and infrastructure as code, they also begin to assess whether code can help with IT security and compliance problems. Products such as Chef Compliance and InSpec are on the minds of DevOps pros at ChefConf here this week. InSpec is an open

DevOps and SecOps: The Perks of Collaboration

Source – csoonline.com A quick search on the term DevOps shines a very telling light on where people see the value in this practice. Some proponents see DevOps as a faster path to market. Some feel that DevOps encourages faster innovation. Others suggest that entire organizations can literally move faster by virtue of using DevOps for product development. And still others who even think DevOps is TOO fast. Clearly, it’s all about speed, baby. There’s nothing wrong with getting things done

5 Simple Strategies for Building Security Into Your DevOps Process

Source – veracode.com Securing any development framework – whether Waterfall, Agile or DevOps – requires changes of culture, process, and technology. But unlike the straightforward flow of Waterfall, where security comes at the end of the process, it’s less clear where security fits in Agile and DevOps. As Securosis analyst Adrian Lane points out, Agile development includes “whatever work gets done in a sprint and does not bend to security, so you need to bend security to fit Agile.” Likewise, moving from

12 ways to improve run-time container security

Source – computerworld.com.au There still really aren’t many enterprise run-time security tools for containers available, which has skewed the conversation toward establishing defensive barriers prior to run-time – during the build, integration, and deployment stage. Of course, with rapidly evolving technology like containers, it can be all too easy to overlook the most basic security concerns, so, really, any focus at all is welcome. Efforts pointing out the security advantages of digitally signing container images at build time, and scanning them

DevOps, Security, Hybrid IT: Priorities of successful IT pros

Source – enterprisersproject.com Consider how much the role of the IT professional has changed during the last 10 years. As traditional, siloed IT roles — such as network administrators, storage administrators, systems administrators, and database administrators — continue to include new responsibilities, IT professionals can no longer get by as specialists. These days, they’re expected to be implementing new technologies and trends, including containers, serverless architecture, and IoT, while working with cloud service providers. They’re acting as liaisons to business leaders. On top of all that,

DevSecOps: Paradigm shifts are messy, but someone’s got to take the lead

Source:- infoworld.com A perfect storm of factors brewing in the dev, ops, and security worlds have created a window of opportunity to embed security into the application delivery lifecycle, in a needle-moving kind of way. However, security teams need to be the ones driving the DevSecOps charge or that needle will barely wobble. Given how many security practitioners spend their days putting out fires, adding “DevSecOps evangelist” to their job description is more likely to elicit groans than spur the desire

Top 10 Benefits of using Docker

Source – apiumhub.com Today, there is a buzz all around about containerization and Docker. What exactly is Docker and how is it related to containerization? What are the top benefits of using Docker? Why did it become so popular? And what are the statistics and successful case studies related to Docker? In this article I will answer all these questions. What is docker & how is it related to containerization Running applications in containers instead of virtual machines is

DevOps teams have poor security practices

Source – itproportal.com Many organisations don’t enforce proper security measures in their DevOps environments, putting both the company and the product at risk. This is according to a new report by Venafi, looking into security practices among DevOps. Using the same passwords for multiple machines, or not even bothering to secure communications between machines are some of the most common issues, usually among organisations in the middle of adopting DevOps practices. However, even organisations that say their DevOps practices are ‘mature’,

The intersection of DevOps and application security

Source – csoonline.com I’m sure you’ve seen the DevOps concept in development today. It focuses on bringing stability and reliability to corporate infrastructures and clouds. For example, many corporations have firewalls that protect the corporate infrastructure. DevOps would have any change to the firewall policy be versioned within a source code control system. This versioning is great because it enables a rollback to a stable version of the policy when a change goes awry. That improves reliability. Imagine DevOps being deployed

Resources for DevOps Pros to Learn About Security

Source:- threatstack.com These days, security should be part of everyone’s job. This is especially true for DevOps teams, which are responsible for developing, delivering, and maintaining critical applications for many organizations, and must therefore prioritize security as part of their role. But the world of security can seem like a bit of a mystery until you’ve been exposed to it. If you or someone on your team is looking to learn more about what it takes to run a secure

DevOps success factors: Culture, APIs and security

Source:- zdnet.com As little as a decade ago, software was shipped in a CD-ROM to a storefront, purchased, and likely abandoned after the user’s initial installation. Today, code is shipped via the internet, meaning that continuous software updates are not only achievable, but expected, whether it’s for desktop, mobile, or browser-based applications. In an age where competitive advantage requires fast time to market, high service levels, and relentless experimentation, enterprises that cannot continuously deliver improvements risk losing in the marketplace.

Three Lessons From Test-Driven Development

Source:- securityintelligence.com In 1999, Kent Beck’s “Extreme Programming Explained: Embrace Change,” became an inspiration for rethinking the way software was developed. Three years later, his “Test-Driven Development: By Example” further elaborated on the need to reconsider the way software is planned, how teams operate and, most importantly, the way software is tested. To date, there are over 170 books on Amazon about test-driven development (TDD). For readers curious about the origins and evolution of the concept, the Agile Alliance posted
