Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

The marriage between DevOps & SecOps

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 25 Mar 2015 07:23:44 +0000 (UTC)
http://www.idgconnect.com/blog-abstract/9656/the-marriage-devops-secops

By IDG Connect
March 24 2015
This is a contributed article by Tim Prendergast, Founder & CEO of Evident.io
The rise of cloud computing brings many exciting changes to the technology industry: elastic scalability of resources, commodity pricing, freedom to experiment, and a newfound love for agile philosophies. Thankfully, the cloud is leaving behind the constraints and practices of the legacy security industry. Here lies an exciting opportunity: with the rise of DevSecOps, we get to truly redefine how operations, engineering, and security can be brought together in harmony to achieve unparalleled success.
In the past, organizations kept the domains of engineering, operations, and security separate for scalability and accountability reasons. Preventing engineering and operations from intermixing guaranteed that production environments were held to a higher standard of reliability, resiliency and consistency than that of engineering environments like those used for development and testing.
However, in the last few years, the evolution of DevOps philosophies has really taken the industry by storm. DevOps is not exactly new -- it’s arguably a manifestation of the scientific method in our field (computer science): observe, hypothesize, predict, and experiment (test). This maps neatly to the Learn, Build, Measure principles from the Lean Startup: a DevOps Bible. It’s easy to see how structured, proven methods for improving things, like technology, can propel a business forward. These methods are an improvement compared with legacy practices that often included gut feelings, flawed data samples, and other such inaccurate methodologies.
DevOps pays big dividends for progressive organizations. Rapid delivery of infrastructure, code, and data has enabled a cornucopia of startups to flourish by capitalizing on customer feedback 100 times faster than incumbent players. Deep telemetry of systems, user experiences, and behaviors has helped organizations better serve their customers and predict their growing needs. Transparency around challenges has endeared customers to many disrupters, as they build a level of trust and understanding that is hard to capture via other means. 

[...]


--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: