DevSecOps: More Work Ahead

Source- securityboulevard.com DevOps has come a long way since it got underway in full force nearly ten years ago.  As was recently made clear at this year’s DevOps Enterprise Summit (DOES) in Las Vegas, DevOps organizations have been successful when it comes to knocking down organizational silos, optimizing the delivery of software services and functionality, and shortening the time it takes to deliver digital value to customers. DevOps organizations are delivering better business outcomes. However, one area where there’s still much more work

Read more

5 Tips to Streamline Your Security Team

Source:- business2community.com If you’ve ever hired security pros, then you know the current talent shortage is no joke. A recent Computerworld survey found that compensation for security specialists is growing faster than for any other role in IT (up 6.4% year-over-year in average total compensation), and the competition for talent is fierce. Finding the right talent can be a lengthy process, leaving your security hopes and dreams in limbo. So, what’s an organization to do? Many companies are working hard

Read more

Is DevOps security about behavior or process?

Source:- networkworld.com One of my main roles is improving the security of the software produced by my employer, and it was in that role that I attended the annual gathering of the security industry in San Francisco last week. The RSA Conference is one of the two global security conferences I attend, the other being Blackhat. While Blackhat has become more corporate, it’s still dominated by hackers and focuses more on vulnerabilities, whereas RSA is very much a corporate event

Read more

Report: 111 billion lines of code will have to be secured this year

Source:- sdtimes.com As new pieces of software are being written every day, the threat of malicious hacking continues to grow. According to a new report, there will be about 111 billion lines of new software code created this year, and with them will come billions of software vulnerabilities. “Applications have become inviting targets for malicious actors, but securing those programs has proven to be challenging to both security teams and developers,” according to the report. “Too often, key vulnerabilities get

Read more

Code Development Still not Seeing Security Involvement

Source:- infosecurity-magazine.com Code development should have security built in from the start to avoid headaches further along the line, and tools and processes exist to make this possible. Speaking at the Checkmarx “Shift Left” conference in central London, security researcher Troy Hunt said that it is hard to put numbers on security of code, and it is hard to look at code once it is written and determine if it is good or bad, but if it is bad, it

Read more