Debunking 4 Myths of DevSecOps Adoption

Every day organizations incorporate DevSecOps into their software development, security, and operations practices to ensure they can build critical security controls into their agile software delivery. According to one survey, 84 percent of respondents said it’s difficult to reduce risk to their applications because they’re not able to monitor, detect, and prevent attacks at the application level. […]

Read more
How to Get Security Groups to Join Your DevSecOps Journey

DevSecOps shifts security practices left and assures earlier that your application isn’t vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.

Read more
How to Get Security Groups to Join Your DevSecOps Journey

DevSecOps shifts security practices left and assures earlier that your application isn’t vulnerable to breaches. But convincing a security group to get on board with your DevSecOps journey may not be an easy task. These four points can help you prove to your security group that DevSecOps is in everyone’s best interest.

Read more
DevOps and Security: 5 Principles for DevSecOps

With the trend toward a more continuous delivery and deployment process, late-lifecycle activities like security assurance present a significant hurdle to continuously delivering value to customers. DevSecOps addresses this by shifting security assurance activities, personnel, and automation closer to development.

Read more
Making Security a First Class Citizen in DevOps

I recently had the opportunity to do a web seminar with Jeff Payne about using open source tools for DevSecOps. In our discussion, I made the point that the goal of DevSecOps is to make application security a first-class citizen in the DevOps process. Making application security a first-class citizen improves the quality of your […]

Read more
A Definition of Done for DevSecOps

DevOps means different things to different people. To me, it is a culture of communication and collaboration across the entire team. In DevOps, we have a software delivery pipeline that checks, deploys, and tests every build. The goal is to give us confidence that we are producing a viable candidate for production, so we have […]

Read more
Testing Your DevOps Is Just as Important as Testing Your Software
Code

Long gone are the days of waterfall software development. The agile movement has brought common-sense software development principles to nearly every corner of the world and changed the way we look at software. This philosophy left marks on how we look at our infrastructure, too. With agile came DevOps and the idea to bring together […]

Read more
DevSecOps: Incorporate Security into DevOps to Reduce Software Risk

By now, most organizations have heard of DevOps, and many have begun to adopt DevOps practices as a key enabler of software delivery. Organizations that employ an agile approach find DevOps practices a natural extension, and DevOps truly enables agile practices to flourish. Organizations typically start with implementing continuous integration, test-driven development, and test automation […]

Read more
Implementing the DevSecOps Process
Security

The primary goal of DevSecOps is to ensure Security and Operations team members are engaged and collaborating with Development and Test from the very beginning of a project/product development. In addition to cultural shifts, it demands a linked toolchain of technologies to facilitate collaborative change. It requires pushing past departmental lines for more effective planning, […]

Read more
X