Transitioning from DevOps to DevSecOps

Introduction

DevOps is essentially the combination of software development and IT operations, and it is found in many enterprise environments. DevOps initially started as a process that fostered an agile type of relationship between developers and IT operations teams. This led to much more rapid development and deployment times and facilitated better communication between different departments within the organization.

DevOps helped developers to better understand the operational requirements of the organization while letting the operations side see how the development process would affect the daily functioning of the systems within the organization. The deployment technologies could be built into the software which meant that the finished products could be shipped in record time.

DevOps merges many different disciplines together and has a large focus on automation. As the name suggests, software development frameworks and concepts become a fused team that works towards the same goal.

Because DevOps treats much of the operational work with the same processes that software development does, it’s possible to roll out large-scale deployments with very little human intervention while still maintaining high visibility within the environment that it is operating in. Automation makes deployments much easier and faster to accomplish.

Many DevOps professionals are finding that the increased focus of security requirements is changing the way that applications are developed, and this means changing the way that products are created. We are going to find out how you can transition into DevSecOps and how you can leverage your skills and apply them to this important role.

What is DevSecOps?

On the surface, DevSecOps is very similar to DevOps, but it has enhanced protections built into the process. This is because many security best practices are now integrated into the products that are being developed. DevSecOps relies on collaborations and teamwork to create more secure applications (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Graeme Messina. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/eES8vueORUA/