DevSecOps Podcast Episodes Recap

The week of April 15th I dedicated every Security In Five podcast episode to DevSecOps and the push to move security left. I was motivated to talk about this push because it’s a concept and challenge I deal with almost daily with my own projects and working with clients.

DevSecOps, or DevOps if you are a stickler, it about changing the way applications are built and delivered. Regardless how fast an application is built, how many releases you have or how many features you introduce the security requirements don’t change. You still have to cover security, period.

The DevOps push through Agile adoption has not had security in the mix and I believe, from my experience and agreeing with studies, applications are getting less secure. Why? Because the speed and promises of delivery are taking priority over security controls. They are either ‘accepted, delayed for remediation or security tests and scans are just not completed at all.

In the Security In Five podcast I talked about how you can work toward DevSecOps and moving security left. You cannot have security as the gatekeepers at the end of a cycle, they need to be included at conception, design and during the creative phases. Long before anything is scan-ready.

Be aware, be safe.

End of line.

Please follow and like us:

Binary Blogger

Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.

Subscribe
Facebook Page
Follow Me On Twitter
contactme@binaryblogger.com