March 28, 2017 bestdevops DevOps, DevOps Tools, DevOps Updates Leave a comment

Five security trends to watch in virtualization in 2017

Source:- datacenterdynamics.com Virtual components and environments present a particular challenge when we talk about corporate cyber security. Here are the five trends I believe will define the field of virtualization in 2017: 1. Virtualization security is focusing on integration Considering security solutions for VDI and virtualized servers, I predict that enterprises will pay more attention to the smooth integration between various systems instead of the thorough examination of product features under a microscope. Security solutions that can be integrated into

March 25, 2017 bestdevops Cloud Computing, DevOps, DevOps Best Practices Leave a comment

7 best practices for securing your cloud service

Source:- networkworld.com As enterprises move their applications and data to the cloud, executives increasingly face the task of balancing the benefits of productivity gains against significant concerns about compliance and security. Security in the cloud is not the same as security in the corporate data center. Different rules and thinking apply when securing an infrastructure over which one has no real physical control. When leveraging cloud services, enterprises need to evaluate several key factors, including: Data encryption capabilities for both

March 21, 2017 bestdevops DevOps, Test Driven DevOps Leave a comment

Secure DevOps: A simple plan to deliver business value

Source:- techbeacon.com DevOps—the movement to break down silos, deliver software faster, and overall create a better experience for customers—is spreading from startups and experimenters to the enterprise. Many security team leads would cringe at the idea of faster development cycles in an IT department that has even less time and patience for standard security checks, but James Wickett, a senior DevOps engineer, sees not just opportunity, but necessity. “Traditional information security is going to die if we don’t respond to

March 10, 2017 bestdevops Cloud Computing, DevOps Leave a comment

Three Overlooked Lessons about Container Security

Source:- linux.com I’ve just joined container security specialists Aqua Security and spent a couple of days in Tel Aviv getting to know the team and the product. I’m sure I’m learning things that might be obvious to the seasoned security veteran, but perhaps aren’t so obvious to the rest of us! Here are three aspects I found interesting and hope you will too, even if you’ve never really thought about the security of your containerized deployment before: #1: Email Addresses

February 10, 2017 bestdevops DevOps, DevOps Best Practices, DevOps Events Leave a comment

Secure Coding: The Rise of SecDevOps

Source:- databreachtoday.com For too long, ensuring that code is securely written – and bug free – has been a business afterthought. But there’s been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode. DevOps – a truncation of software development and IT operations – incorporates aspects of agile development, including short sprints – perhaps just two weeks in length – that

February 10, 2017 bestdevops DevOps Tools, DevOps Updates Leave a comment

Docker Introduces Secrets Management

Source:- crn.com Docker’s latest update helps enterprise customers protect their secrets. An update released Thursday for Docker Datacenter, the container-tech pioneer’s commercial offering, implements a container-native framework for controlling access to sensitive information like API keys, encryption keys and passwords, along with a security scanning feature that can detect vulnerabilities and bugs. The new feature for managing access-control secrets, architected to facilitate large container deployments, can deliver those protected pieces of information to specific, authorized containers in a cluster. Secrets

February 9, 2017 bestdevops Agile, Cloud Computing, DevOps Leave a comment

Top 10 Ways To Achieve Agile Security

Source:- itbusinessnet.com Between 2017 and 2021, worldwide spending on cybersecurity will top $1 trillion, according to Cybersecurity Ventures. From new threat vectors within networks to the barrage of cyberattacks due to the move to the cloud, CIOs and CISOs have more to consider around cybersecurity than ever before. Cloud has brought benefits such as agility, scalability, and cost savings to business. Unfortunately, more often than not, security can’t keep up. Many businesses have witnessed the benefits of cloud firsthand. To enable

February 2, 2017 bestdevops DevOps, DevOps Best Practices Leave a comment

5 ways to align security with your DevOps strategy

Source:- techbeacon.com In 2016, DevOps reached a tipping point. Half of all organizations surveyed indicated that they are actively using it as a model for releasing and maintaining custom applications, according to the Gartner Research note DevSecOps: How to Seamlessly Integrate Security Into DevOps, September, 2016. Yet, about 80 percent of those organizations surveyed expressed concerns that information security policies and teams are preventing them from achieving the level of agility that DevOps promises. Development, operations and security all want

January 28, 2017 bestdevops DevOps, DevOps Best Practices, DevOps Process Leave a comment

Why security is the top issue for DevOps teams in 2017

Source:- itworldcanada.com Security, not speed, is shaping up to be the top issue for DevOps teams in 2017, a new survey suggests. According to the 2017 State of the Application Delivery Report by F5 Networks Inc., security is the number one priority among 2,000 IT, networking, application and security professionals surveyed worldwide. “Security teams are expanding beyond traditional firewalls and the legacy enterprise perimeter as a response to hackers increasingly targeting the application,” the report states. Those same security concerns

January 25, 2017 bestdevops DevOps, DevOps Updates Leave a comment

Report: 111 billion lines of code will have to be secured this year

Source:- sdtimes.com As new pieces of software are being written every day, the threat of malicious hacking continues to grow. According to a new report, there will be about 111 billion lines of new software code created this year, and with them will come billions of software vulnerabilities. “Applications have become inviting targets for malicious actors, but securing those programs has proven to be challenging to both security teams and developers,” according to the report. “Too often, key vulnerabilities get

January 21, 2017 bestdevops Continuous Integration, DevOps Tools, DevOps Updates Leave a comment

Code Development Still not Seeing Security Involvement

Source:- infosecurity-magazine.com Code development should have security built in from the start to avoid headaches further along the line, and tools and processes exist to make this possible. Speaking at the Checkmarx “Shift Left” conference in central London, security researcher Troy Hunt said that it is hard to put numbers on security of code, and it is hard to look at code once it is written and determine if it is good or bad, but if it is bad, it

January 13, 2017 bestdevops DevOps, DevOps Process, DevOps Updates, Test Driven DevOps Leave a comment

7 Reasons Why Containers are a Natural Fit for DevOps Teams

Source – eweek.com Containers Boost Data and Application Security One of the key benefits of containers is their ability to isolate application code and even whole infrastructure stacks at will. Using containers, ops teams can set up namespaces to keep test and production environments separate, even if they share the same kernel. Containers also ensure that only designated users have access to their contents, providing ops teams with complete control of their architecture. As 2017 takes shape, containers’ popularity continues to

January 13, 2017 bestdevops DevOps News, DevOps Process, DevOps Updates Leave a comment

Improve your DevOps security game with Ansible Vault

Source – opensource.com You may have your DevOps efforts orchestration nailed down, but you should make improving the operational maturity of such implementations an ongoing effort. One tool I use is Red Hat’s Ansible, which is fantastic for orchestration and configuration management. The low barrier to entry and simplicity of Ansible are why so many people that start using it learn to love it. One feature in Ansible that developers should use more often is Ansible Vault. According to its documentation, the

December 31, 2016 bestdevops DevOps, DevOps Best Practices, DevOps Days, DevOps News Leave a comment

DevOps and Security: Divided we fall

Source – vmblog.com Tufin 2017 Predictions: DevOps and Security – Divided We Fall VMblog Predictions 2017 Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive. Contributed by Reuven Harrison, CTO, Tufin DevOps and Security: Divided we fall The DevOps movement is picking up speed as an increasing number of organizations realize the many benefits of the DevOps process. Built on the principles of faster software development, collaboration and innovation, why wouldn’t an

December 21, 2016 bestdevops IT Training

The Danger of Miscommunication Between Security and DevOps

When a security team can assess brand, financial, strategic risks – then they are best able to act as a trusted advisor to the DevOps team as they build and maintain secure systems. Source – The Danger of Miscommunication Between Security and DevOps

« 1 … 5 6 7