As nice as the word “Egress” may sound, I like “Outbound” better. Outbound is hardcore firewalling for the traffic that was initiated on the “trusted” side of the firewall, and is destined OUT to the unknown. However, over the last 20 years network administrators have put much more emphasis on what can come IN to their networks, rather […]
Security Policies For DevOps 101
A while back I was talking with some friends about how to ensure security inside a devops environment. The simple first thought was that no where does DevOps say to do away with security. Instead, consider how your existing information security practices and policies need to adjust given the changes that DevOps brings to the […]
Bootstrapping Chef (or Whatever) for Autoscaled EC2 Instances
I realize it is traditional to start writing a new blog with some background and a deep introspection as to the author’s personal motivation for writing said blog, but I’ve never been one for tradition. Thus, for my first official DevOps post, I think I’ll jump write in with a technical tutorial on a problem […]
Why Baking Security Into the DevOps Framework is Vital to Its Success
I attended my first official DevOps conference in Israel in September 2013. But I was initially introduced to DevOps by my customers – firewall and network managers who, through their efforts to automate security policy management, found themselves dealing with a new and like-minded set of IT stakeholders – DevOps teams. They said DevOps was […]
DevOps – A wake up call to security vendors
DevOps is changing the way IT works. Through a collaboration of development and IT teams, organizations can achieve tremendous scale at increased speed to deploy and maintain critical applications and infrastructure. The key technologies of virtualization and configuration automation have made this possible. Without these technologies, development may not slow down, but deployment would slow […]