From my NCS blog post:
Despite the rapid growth of DevOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out “You can’t do DevOps here! It violates separation of duties!” Interestingly, this assertion is generally incorrect and derives from a general misunderstanding about DevOps, automation, and the continuous integration/deployment (CI/CD) pipeline.
Continue reading here…
*** This is a Security Bloggers Network syndicated blog from The Falcon's View authored by Ben Tomhave. Read the original post at: http://feedproxy.google.com/~r/secureconsulting/ujTc/~3/xgBoKvdfV1s/ncs-blog-devops-and-separation.html