Qualys: How to be cool with DevOps

Source – computerweekly.com Well, it was only meant to be an open question, a hypothesising supposition, a point of informed speculation that might lead to an informal pub discussion at best. But, as is often the way with these things, the industry has taken it as a clarion call for commentary and deeper analysis… and who are we to turn down the opportunity for deeper inspection of the DevOps state of the nation? First among a small group of spokespeople invited

December 12, 2017 bestdevops DevOps, IT trends Leave a comment

When DevOps And SecOps Collide: How To Improve Collaboration To Enable Agility

Source – forbes.com There are two kinds of companies today: the ones that are in the cloud and ones that will be in the cloud. The gravitational pull fueled by agility, cost and resource management cannot be resisted. Today’s digital transformation is invigorating companies around the world to increase performance and drive more output. The rush to harness new digital technologies often results in enthusiastic business owners taking initiatives straight to the cloud, putting DevOps and SecOps at odds by allowing

November 9, 2017 bestdevops DevOps, IT Training Leave a comment

DevOps the forgotten team when it comes to security: CyberArk

Source – zdnet.com Due to the dynamic nature of DevOps and the business “secrets” they have access to, security vendor CyberArk has highlighted the importance of ensuring these teams are protected from the threat landscape. According to Jeffrey Kok, senior director of solution engineering for Asia Pacific and Japan at CyberArk, exposing DevOps to the elements means privileged account credentials — such as SSH keys, API keys, and other credentials — are proliferating throughout IT infrastructure at a rapid-fire pace, creating

October 12, 2017 bestdevops DevOps, DevOps Tools, IT trends Leave a comment

CyberArk integrates with Puppet to automate DevOps secrets protection

Source – economictimes.indiatimes.com Mumbai: CyberArk announced its partnership with Puppet as an Advanced Technology Partner. Together, CyberArk and Puppet are working together to create supported modules that provide automated, enterprise-grade protection of secrets and are seamlessly integrated with Puppet’s configuration automation, enabling secure, high-velocity DevOpsworkflows. In dynamic DevOps environments, tools, scripts and applications/services are constantly being created, used and disabled. Each step requires secrets, including SSH/API keys, passwords and certificates, which regularly go unchanged or revoked, or may not be available for a range of reasons,

September 25, 2017 bestdevops Agile, DevOps, IT trends Leave a comment

HashiCorp DevOps tools add Sentinel for IT policy management

Source – techtarget.com In some enterprise IT shops, DevOps is evolving into DevSecOps, and new tools are needed to automate IT policy management as part of that trend. One such tool emerged this week in Sentinel, an option now included with the enterprise versions of HashiCorp DevOps tools such as Consul for service discovery, Vault for secrets management, Nomad for container scheduling, and Terraform for infrastructure as code. Sentinel automates IT policy management with a policy language that can be tested, version-controlled

September 16, 2017 bestdevops DevOps, DevOps Updates, IT trends Leave a comment

Secure DevOps lengthens IT ops to-do list

Source – techtarget.com Secure DevOps is a recent trend that has primarily involved collaboration between application developers and security experts so far — the IT ops role in the new collaboration between app developers and security pros hasn’t been fleshed out yet. But as developers and security professionals “shift security left” in the app delivery process, IT ops will need to respond accordingly, and preferably proactively. IT pros must collaborate with the security team as well as application developers. Following high-profile

September 1, 2017 bestdevops DevOps, IT trends Leave a comment

CyberArk and Jenkins Power Secure, High Velocity DevOps Environments

Source – dqindia.com CyberArk, the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced the integration of the CyberArk Privileged Account Security Solution with Jenkins, the leading open source automation server. With this integration, organizations gain an automated orchestration process with built-in secrets management and protection for their DevOps pipeline without unnecessary trade-offs between security and velocity. CyberArk will demonstrate the integration at stand #504 at Jenkins World 2017, August 28 –

August 21, 2017 bestdevops Continuous Integration, DevOps, IT trends Leave a comment

Integrating Security into DevOps Takes Care

Source – informationweek.com DevOps is quickly evolving from the experimental phase to becoming the standard approach to application development and delivery. It breaks down the barriers between developers and IT operations, speeding up development projects. However, that speed can also create significant security risks if the IT security team is not brought into the process after DevOps releases a new product. The recent DigiCert “2017 Inviting Security into DevOps Survey” finds a vast majority of enterprises are in fact working to

July 20, 2017 bestdevops DevOps Leave a comment

98% of Companies Favor Integrating Security with DevOps

Source – darkreading.com An overwhelming majority of companies believe an integrated security and DevOps team makes sense, with 98% of survey respondents saying they are either planning to or have launched such an effort, according to a report released today by DigiCert. The survey, which queried 300 US companies with a third of the respondents coming from IT, DevOps, or IT security management, found that 49% of respondents have already completed their DevOps and security integration, while another 49% are working

July 7, 2017 bestdevops DevOps, IT trends Leave a comment

IT Security Practices Being Eyed Earlier in App Development: Study

Source – windowsitpro.com In the past, IT security in the application building process has often been addressed as an after-thought, usually brought up at the last minute, just after the desired application and code were created. Since 2014, however, that frequent pattern has been changing as more security emphasis is apparently being brought into application development earlier in its creation, according to a recent DevSecOps study on enterprise security practices, released by Sonatype. The report, the 2017 DevSecOps Community Survey, found that in 2014, the last time

July 5, 2017 bestdevops Cloud Computing, DevOps Leave a comment

How to tackle changing cloud security threats: A guide

Source – cloudcomputing-news.net IT workers face a serious challenge when it comes to file sharing. In one corner is corporate governance which seeks to protect businesses and prevent cyber-attacks. In the opposite corner are end users who want to work more efficiently – collaboratively – by sharing or saving files. The best way of ending this conflict is to find middle ground. In attempting this resolution, enterprises need to find the right balance between IT security and governance on one side

May 25, 2017 bestdevops DevOps, DevOps News Leave a comment

DevOps shops size up security and compliance as code

Source – techtarget.com IT pros in DevOps shops want compliance and security to be the next things they automate, but people with the right skills are tough to find. AUSTIN — As enterprise IT pros gain experience with DevOps and infrastructure as code, they also begin to assess whether code can help with IT security and compliance problems. Products such as Chef Compliance and InSpec are on the minds of DevOps pros at ChefConf here this week. InSpec is an open

May 20, 2017 bestdevops DevOps, Test Driven Development Leave a comment

13 benefits you will get by using Test Driven Development

Source – techpatio.com The first thing I do when a tech company says they are Agile, is ask about test driven development and continuous integration. If they don’t do it, in my opinion, they are just not Agile. Today I would like to focus on the benefits of TDD. Over the years I have been listening to different opinions about TDD. People talking about it’s importance and about past experiences, working with a code that was not designed using Test Driven

May 8, 2017 bestdevops DevOps, DevOps Best Practices, IT trends Leave a comment

IT security sucks: Here’s why (and how to fix it)

Source – itbusinessnet.com The rise of cybercrime across the globe has proven that traditional criminals are finding new ways to attack: Physical access to the goods is no longer required, now the basic requirements are internet connectivity, an intellect capable of operating tools built by someone else, and a pronounced lack of scruples. While the modern workforce is familiar with buzzwords like cyber crime and black hat, only 38 percent of organizations surveyed for ISACA’s “2015 Global Cybersecurity Status Report” claimed

Interview questions for hiring cloud security

April 22, 2017 bestdevops Cloud Computing, DevOps Leave a comment

10 interview questions for hiring cloud-literate security staff

Source:- csoonline.com Market researchers have been saying for a while now that organizations are having trouble finding, hiring, and retaining experienced IT security professionals with the necessary cybersecurity skills. The rise of cloud computing creates an additional hurdle to building a modern security team. Cloud computing brings a unique set of information security challenges along with a shift in security strategy. Gartner predicts that 95 percent of cloud security incidents will be the customer’s fault, so it is critical for security

March 31, 2017 bestdevops DevOps, DevOps Best Practices, DevOps Process Leave a comment

IT ops pros adopt iterative approach to security in DevOps

Source:- searchitoperations.techtarget.com Baby steps that add security in DevOps environments are better than none at all, according to experienced IT ops practitioners. Most organizations have dedicated IT security departments or personnel, but lack of a mature DevSecOps collaboration means IT ops ends up on the front lines to identify vulnerabilities and anomalies in production applications. Like it or not, security in DevOps environments is often left up to them. Attacks are often unmasked because they show up as a problem

« 1 … 4 5 6