According to a recent survey by Veracode, 52% of developers worry that application security will delay development and threaten deadlines. This is huge percentage, especially considering how crucial finding, fixing and preventing security vulnerabilities is to any development effort.
There’s a lot going on in the container world. Just last month we learned that Docker added Kubernetes support to their platform in a move that clearly indicates Kubernetes’ dominance in the container orchestration world. Prior to that, Kubernetes added RBAC Authorization and Support for Outbound Network Policies and …
One of the most distinctive traits of DevOps is agility. The development cycle is not only fast, but also divided into multiple components that are constantly updated. At runtime, constant updates and at times episodic workloads, challenge the security of any environment.
Evangelists for DevSecOps integration are building interest in the discipline and providing an understanding of the power of using a DevSecOps approach. In this post we’ll look at the best, of the best, DevSecOps pioneers.
This article was originally published in infoworld.com
As part of my job, I regularly meet with devops people to discuss their container strategy. Most of the time, the people I talk to are eager to reap the many benefits containers offer, but they are new to working with them. They might have a container-based system …
The DevOps-Security hybrid model is not a new thing. Gartner first introduced this model nearly five years ago. It was driven by the need to define where DevOps’ responsibility for security starts and ends, and how security teams can facilitate a streamlined process for building and deploying software in a secure …
Take one of the growing IT areas today, combine it with skyrocketing demand, and there you have it: DevOps is here to stay. And the sooner security teams grasp the DevOps methodology, the better. There are many different ways in which security teams can adopt DevOps practices and embed themselves into the process, but …
DevOps professionals continue to believe they can’t do their jobs properly because security slows down operations. Security pros, meanwhile, have largely failed to integrate security measures into DevOps initiative, resulting in unproductive friction.
It’s no secret that DevOps and IT security, like oil and water, are hard to mix. After all, DevOps is all about going fast, while security is all about proceeding carefully. However, both DevOps and security serve a higher authority—the business—and the business will be served only if DevOps and security learn to get …
As part of the DevOps team, I’m sure you’re already a fan of containers; the way they’ve eliminated the pain of those environment-related configuration challenges, and reduced your infrastructure requirements by being so much more lightweight than full-blown VMs. But the very thing that makes them so lightweight – …
DevOps is a relatively new concept, adopted by more and more businesses – breaking down the barriers between development, quality assurance (QA) and IT operations, to result in a much more rapid and fluid software development lifecycle (SDLC). However, there are almost certainly a number of organisational and …