Today’s organizations are increasingly benefiting from the modernization of the software development lifecycle (SDLC), including the adoption of cloud, DevOps, Agile methodologies, containers and more. Thanks to this modernization, organizations are innovating and releasing updates faster than ever before. But these benefits aren’t without challenges. Application security arguably tops the list of challenges. Security has […]
Better Apps and Better Security When You Shift Left
Tens of thousands of people and hundreds of cybersecurity vendors descended on San Francisco at the end of April. While the RSA Conference was the primary draw, there are a number of peripheral events that go on throughout the week as well, such as the Cloud Security Alliance Summit, the CIO/CISO Interchange, BSides San Francisco […]
6 Traits That Define DevSecOps
How do we define DevSecOps? A combination of DevOps and security is readily apparent, but the philosophy goes much deeper. In a recent eBook, The State of DevSecOps, we asked industry experts to define what DevSecOps meant to them. Below, we’ve condensed their answers into five core attributes. Following these principles, CIOs or CTOs now […]
Top 5 DevOps Practices to Improve Security in Engineering
We’ve all been there … A new application or feature needs to be deployed yesterday and the last thing anyone wants to do is address security requirements. On the flip side, the very last thing anyone wants to address later is a security breach or a cost associated with non-compliance. Not only is it a […]
Combining SecOps and DevOps
Security has to be top of mind for most any company that is moving, or has moved, to the cloud. And, businesses know they need to act swiftly to ensure that any new products or services they’re dreaming up do not expose them to risk. How can they do that when the fast-moving nature of […]
Automation domination (for security automation it’s a path)
Let’s face it, by nature security professionals are not the trusting type – in the least bit whatsoever – to put it bluntly. The concept of automating security makes them jumpy, testy and downright irritable in some cases. Why? Well, as we know, security teams are charged with maintaining control over processes. Introducing automation requires […]
DevOps – A wake up call to security vendors
DevOps is changing the way IT works. Through a collaboration of development and IT teams, organizations can achieve tremendous scale at increased speed to deploy and maintain critical applications and infrastructure. The key technologies of virtualization and configuration automation have made this possible. Without these technologies, development may not slow down, but deployment would slow […]