Digital Transformation Highlights the Need for DevSecOps
Developers need to be included into the security flow to catch code flaws sooner and establish behavioral baselines required to safeguard modern, user-facing applications. And the CISO’s role is evolving to be an enabler for the engineering team. This gives CISOs a unique opportunity to lead the organization with this change.
The broad digital transformation of organizations around the world continues to gather steam. Today, every company and organization must support a significant and diverse technology infrastructure. In reality, every major company is also a software company. It must have developers and a developer operations (DevOps) team to build and improve its digital assets – applications, websites, databases, cloud computing servers and more.
During the first part of the great Digital Transformation, DevOps empowered developers to manage infrastructure like software code. It did this by allowing them to both deploy applications and, with the same set of tools, describe how, when and where those applications should run. Developers used to have to wait days or weeks to get a new server provisioned for an application. Now they can do it in seconds with modern DevOps tools.
The Next Wave: DevSecOps
The next wave of the Digital Transformation must be security. To date, security has operated in a separate realm than software development. That must change. DevOps has accelerated the velocity and increased the frequency of application code changes and deployments. Today many large applications are updated with new code multiple times per day thanks to DevOps and Continuous Integration / Continuous Development (CI/CD). This would not have been possible in the pre-DevOps era.
This velocity means applications are developed faster but it also introduces security risks. The only way to keep that code safe is to provide the developers themselves with security tools that they can use within their existing (Read more...)
*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at: https://www.perimeterx.com/resources/blog/2020/digital-transformation-highlights-the-need-for-devsecops/
