DevOps and Security Are Compatible
// Planet DevOps
When I speak with information security organizations faced with the prospect of moving to DevOps, one of the most common fears I hear is that this transition will degrade security of infrastructure and applications. If you're one of these folks, I understand this fear but you can rest assured: when you do things correctly security will actually improve. One big reason security benefits in this model is due to improved alignment and tighter feedback loops. You see, DevOps is about creating a unified, engaged team and doesn't make it easy to fall into the "silo thinking" that traditionally leads to security as an afterthought. DevOps embraces automation and consistency, which benefits security by allowing you to add automated checks during coding to look for obvious security issues and flag things for human review (such as the linking of new libraries or the introduction of new third-party components that could add risk). This means you will be able to identify "areas of concern" earlier in the development process where they will be...
----
Shared via my feedly reader
No comments:
Post a Comment