Majority of Orgs Lack Visibility Into Container Vulnerabilities

Source: https://devops.com/

Today’s blend of third-party application dependencies and polyglot software development often makes assessing risk difficult. With many new cloud-native deployment models, it can be tricky to discover potential vulnerabilities. These threats take the form of insecure default settings in Kubernetes, over-permissive states, CVEs that threaten container integrity, and other vulnerable conditions. Plugging gaps throughout the cloud-native strata is now crucial to avoid exposing data and breaking privacy regulations. Yet, gaining visibility into these holdings is challenging, and traditional application


A Modern Shift-Left Security Approach

Source: https://www.forbes.com

The concept of shifting security left is not new, but historically this has meant little more than inserting security processes in the middle of development and slowing everything down. In this article, I’ll describe older shift-left methods that have not worked — and how a modern approach to shifting left can have a high impact on risk reduction and create a healthy balance of freedom and responsibility for cloud-native development teams. I believe CISOs have no choice but to


CIO upfront: Why CISOs should be limiting limitless innovation

Source: cio.co.nz

Getting the challenge of integrating a security mindset into DevOps practices right will become even more important as new markets of IT such as the Internet of Things spin up, writes Andrew Slavkovic of CyberArk.

In some companies, security teams make it impossible for DevOps to deliver any new code until they fix the security issues in it.

Chief information security officers (CISOs) are under growing pressures to find ways to overcome the consistent barrage of new cyberthreats. Part
