Set DevSecOps in Motion with Minimal Commotion

DevOps professionals continue to believe they can’t do their jobs properly because security slows down operations. Security pros, meanwhile, have largely failed to integrate security measures into DevOps initiative, resulting in unproductive friction.

I share the view that bridges the two sides by having information security professionals become actively involved in DevOps initiatives while remaining true to the spirit of DevOps, or as the it’s called, DevSecOps. Information security pros need to buy into DevOps’ philosophy of teamwork, coordination, agility and shared responsibility. Not doing so will only further widen the current divide between DevOps and security.

DevSecOps should be a shared company objective where security checks and controls are applied automatically and transparently throughout the development and delivery of IT-enabled services in rapid-development DevOps environments.

Simply layering on standard security tools and processes won't work. Secure service delivery starts in development, and the most effective DevSecOps programs will start at the earliest points in the development process and follow the workload throughout its lifecycle.

To set your DevOps in motion visit the full blog.