Speed and security. Old-fashioned thinking contended that the two were incompatible; that high-velocity development and deployment of apps and software services invariably introduced higher levels of risk.
However, it has become increasingly apparent that speed is a necessary aspect of security. (Warning: In the time it took you to read the above, some hypothetical hacker could have wreaked untold havoc in your information systems.)
The stakes are sky-high, with some estimates projecting that the annual cost of cybercrime losses and damage will reach $6 trillion by 2021. Fast-forward to the case for using DevOps and automation to bolster security.
Before we proceed, everyone who knows what we mean by “DevOps” please raise your hand. About 95 percent of you? Good. Although there are obviously many complexities, the simplest way to explain it is in equation form: Development + Operations = DevOps.
For organizations, employing a DevOps model means eliminating silos between your development and operations teams to accelerate your ability to deliver applications and services. With DevOps, engineers from both disciplines typically work together on a single team in a speedier process that is continuous rather than segmented or tiered. “This speed enables organizations to better serve their customers and compete more effectively in the market,” says tech behemoth Amazon.
While there is widespread agreement around the benefits of DevOps (75 percent of executives in a recent survey), many enterprises are slow to make the transition (in the same survey just 20 percent described their adoption level as high). And you won’t be surprised to learn that the chief roadblock in the DevOps transformation journey is the concern we’ve already cited above—speed vs. security.
According to CSOonline.com:
“The simple premise of DevSecOps (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/devops/leverage-devops-automation-bolster-security/