Breaking Bad: DevOpsSec to DevSecOps

Editor’s Note: This post came from an energetic session at All Day DevOps. Don’t miss the upcoming All Day DevOps | Spring Break, a free event on April 17. New television series spoilers might be available there, too — you’ll need to register here to find out.

Today Sean Davis (@seanasaservice) will guide us through DevSecOps from a holistic view, using the story of Breaking Bad as the basis for our exploration. So let’s keep an open mind while we kick things off. And get ready for some Breaking Bad spoilers!

Breaking Bad Characters

Let’s start off with Walter. He’s a seasoned pro. He’s seen trends come and go, so he’s a bit skeptical. He wants to transform DevOpsSec to DevSecOps.

Jesse is our code slinger and has seen it all. He loves a challenge and has street cred.

Todd represents security. He’s not the smartest guy in the room, but makes up for it with ingenuity and creativity. He’s never met a website he can’t hack.

Then Lydia is operations, and she’s always on. She’s about the uptime. And she’s constantly in planning mode.

Finally, Saul is the voice of the businessman: clever, charismatic, and able to sell his way into and out of anything.

A Word on DevSecOps and the Periodic Table of DevOps

Many people say that if you’re doing DevOps, security should be built in. It should, but security didn’t have a seat at the table when DevOps came about. Now, however, development, security, and operations all have a seat at the table. All three have been integrated and aligned at each step to deliver value.

DevSecOps is more like DevOps 2.0. But it doesn’t matter what you call it. It matters what you do with it.

When you look at everything in play...

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Sylvia Fronczak. Read the original post at: