PRO+ Premium Content/Modern Infrastructure

Thank you for joining!
Access your Pro+ Content below.
November 2017, Vol. 6. No. 10

With continuous security, SecDevOps deconstructs CI/CD

DevOps has taken the IT world by storm over the last several years. It's often credited as a way to reduce costs, speed deployments and improve corporate agility. Yet the application lifecycle management process is taking at least some of the blame in the fallout from recent high-profile security breaches. In principle, at least, "DevOps teams that deploy software are responsible for maintaining security by design," said Craig Lurey, CTO and co-founder of Keeper Security, a Chicago-based security software provider. In practice, though, teams too often neglect security or paste it on at the last moment. Thus, the idea to build security in from the start -- via a process known as SecDevOps -- was born. It's a concept that has gained momentum, though it is not without detractors. There's still uncertainty regarding exactly how to approach SecDevOps, DevSecOps or perhaps DevOpsSec. Each of the competing terms implies a somewhat different idea about how to accomplish the same goal. Summarizing the challenge, former McAfee CTO Jamie ...

Features in this issue

Columns in this issue

SearchDataCenter

SearchAWS

SearchServerVirtualization

SearchCloudApplications

SearchCloudComputing

DevOpsAgenda

-ADS BY GOOGLE

Close