Wednesday, March 3, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

DevSecOps is the new DevOps

September 27, 2019
in Internet Security
DevSecOps is the new DevOps
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

“Shifting left,” the latest buzzphrase for pushing responsibility and functionality to the beginning of the software development lifecycle, is a good idea, but more is needed — especially in DevOps situations, in which software moves through fast, and in an automated fashion. Organizations with highly integrated security practices are well ahead with DevOps as well. 

Hence, the increasing emphasis on expanding the DevOps term to DevSecOps — as explained in this Red Hat overview, DevSecOps means “thinking about application and infrastructure security from the start. It also means automating some security gates to keep the DevOps workflow from slowing down.”.

You might also like

Remote work: 5 things every business needs to know

New app rollout helps reduce paperwork for NSW frontline child protection caseworkers

Linux Mint may start pushing high-priority patches to users


Photo: Joe McKendrick

DevSecOps may seem like a dry, highly technical and siloed pursuit, but in practice, it is shaped by an open culture that seeks to deliver innovation at the rapid pace customers increasingly require. “Firms that are undergoing DevOps transformations want and need guidance on how to integrate security,” state the authors of a recent survey released by Puppet, CircleCI and Splunk Inc.

The Puppet/CircleCI/Splunk survey, which involved 3,000 developers and managers, validates how DevSecOps enhances the entire DevOps practice. The survey finds that teams at higher levels of DevOps practices have automated their security policies, and they involve security teams very early in the software development lifecycle — including the planning and design phases. 

Twenty-two percent of the firms at the highest level of security integration have reached an advanced stage of DevOps evolution, compared to only six percent of the firms with no security integration. 

Firms at the highest level of security integration, the survey shows, are able to deploy to production on demand at a significantly higher rate than firms at all other levels of integration – 61 percent are able to do so. Only 49 percent of organizations without integrated security can deploy on demand.  

A strong DevOps culture also supports stronger security, the survey finds. This is defined as “a culture of sharing, where teams collaborate using common tools and work towards common goals; where delivery teams have strong autonomy, yet it’s relatively easy to cross organizational boundaries to get work done.” 

What’s the best path to DevSecOps? Cisco, a sprawling tech organization with a huge business stake in secure software delivery, has been employing DevSecOps methodologies to assess and improve the security posture across its many cloud-based outlets. In a recent post, Steve Martino, senior vice president and chief information security officer for Cisco, shared details of his company’s journey:  

  • Establish a foundation. “Using clearly defined guiding principles to drive security throughout the development process helps establish mutual trust among the engineering, operations and security teams,” Martino writes.
  • Prove it out first. “At Cisco, we ran an Agile security hackathon with participants from the Information Security and application teams to first configure the most important security requirements – what we call the guardrails.”
  • Automate your guardrails. “Provide an easy way for your teams to apply the guardrails, such as at the time of new account provisioning. Also develop simple scripting to retrofit those with existing accounts.”
  • Continuously validate. “As new resources are on-boarded or other changes occur, keep guardrails up-to-date with constant security validation and real-time monitoring of security logs. Consider creating security health reports based on specific scoring or grading criteria to send to department tenants on a regular basis.” 

Credit: Zdnet

Previous Post

TensorFlow 1.x vs 2.x. – summary of changes

Next Post

How to Use Infographics as Marketing Tools

Related Posts

Remote work: 5 things every business needs to know
Internet Security

Remote work: 5 things every business needs to know

March 3, 2021
New app rollout helps reduce paperwork for NSW frontline child protection caseworkers
Internet Security

New app rollout helps reduce paperwork for NSW frontline child protection caseworkers

March 3, 2021
Linux Mint may start pushing high-priority patches to users
Internet Security

Linux Mint may start pushing high-priority patches to users

March 3, 2021
Ransomware puzzle: These two pieces of malware look very different, but they evolved from the same root
Internet Security

Ransomware puzzle: These two pieces of malware look very different, but they evolved from the same root

March 3, 2021
Google addresses customer data protection, security in Workspace
Internet Security

Google addresses customer data protection, security in Workspace

March 2, 2021
Next Post
How to Use Infographics as Marketing Tools

How to Use Infographics as Marketing Tools

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Remote work: 5 things every business needs to know
Internet Security

Remote work: 5 things every business needs to know

March 3, 2021
Yum! Brands Acquires AI Company
Machine Learning

Yum! Brands Acquires AI Company

March 3, 2021
Customer Experience Management and Improvement
Marketing Technology

Customer Experience Management and Improvement

March 3, 2021
New app rollout helps reduce paperwork for NSW frontline child protection caseworkers
Internet Security

New app rollout helps reduce paperwork for NSW frontline child protection caseworkers

March 3, 2021
Cloudera: An Enterprise-Level Play On Machine Learning And Big Data – Seeking Alpha
Machine Learning

Cloudera: An Enterprise-Level Play On Machine Learning And Big Data – Seeking Alpha

March 3, 2021
The Symbolic World: Raising A Turing’s Child Machine (1/2) | by Puttatida Mahapattanakul | Feb, 2021
Neural Networks

The Symbolic World: Raising A Turing’s Child Machine (1/2) | by Puttatida Mahapattanakul | Feb, 2021

March 3, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Remote work: 5 things every business needs to know March 3, 2021
  • Yum! Brands Acquires AI Company March 3, 2021
  • Customer Experience Management and Improvement March 3, 2021
  • New app rollout helps reduce paperwork for NSW frontline child protection caseworkers March 3, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates