Sat. Aug 24th, 2019

Binary Blogger

Are you a 1 or a 0? News, Thoughts and Reviews

DevSecOps Podcast Episodes Recap

2 min read

The week of April 15th I dedicated every Security In Five podcast episode to DevSecOps and the push to move security left. I was motivated to talk about this push because it’s a concept and challenge I deal with almost daily with my own projects and working with clients.

DevSecOps, or DevOps if you are a stickler, it about changing the way applications are built and delivered. Regardless how fast an application is built, how many releases you have or how many features you introduce the security requirements don’t change. You still have to cover security, period.

The DevOps push through Agile adoption has not had security in the mix and I believe, from my experience and agreeing with studies, applications are getting less secure. Why? Because the speed and promises of delivery are taking priority over security controls. They are either ‘accepted, delayed for remediation or security tests and scans are just not completed at all.

In the Security In Five podcast I talked about how you can work toward DevSecOps and moving security left. You cannot have security as the gatekeepers at the end of a cycle, they need to be included at conception, design and during the creative phases. Long before anything is scan-ready.

Be aware, be safe.

End of line.

Copyright © All rights reserved. | Newsphere by AF themes.