Skip to content
CTP is part of HPE Pointnext Services.   Explore our new services here →
  • The Doppler Report
Cloud TP Logo
  • Thought Leadership
  • Clients
  • Services
  • Careers
  • Contact Us

Cloud Technology Partners

CLOUD SERVICES

  • The Cloud Adoption Program
  • Application Migration
  • Software Development
  • Infrastructure Modernization
  • DevOps & Continuous Delivery
  • Cloud Security & Governance
  • Cloud Strategy Consulting

TECH DOMAIN

  • Amazon Web Services
  • Google Cloud Platform

ABOUT US

  • Company Overview
  • Leadership Team
  • Partners
  • News & Recognition
  • Announcements
  • Weekly Cloud Report
  • Client Case Studies
  • Events

CAREERS

  • Join Us
  • Job Opportunities
 Cloud Technology Partners
  • Doppler Home
  • Client Case Studies
  • Podcasts
  • Videos
  • White Papers
  • Quarterly
  • Events
  • Subscribe

DevSecOps: Add Security to Complete Your DevOps Process

New data shows that enterprises are moving to DevOps with integrated security teams, processes, and tools. That should be standard practice.
David Linthicum Cloud Pundit
October 19, 2017October 19, 2017 THE DOPPLER
Share this 
doppler_mail1

For more content like this, Get THE DOPPLER
email every Friday.
 
Subscribe here  chevron_right

As seen in a recent DigiCert report, an overwhelming majority of companies believe that an integrated security and DevOps team makes sense. In fact, 98 percent of survey 300 US respondents (a third from IT or security) are either planning to or have already launched such an effort.

This is good, if unsurprising, news. For years, I’ve been saying DevOps is really DevSecOps, and so have many others. Most enterprises are now following that lead.

But it took years to get here. Why? If you don’t have people, tools, and processes focused on security, you’re not providing systemic security at platform, application, and the data levels. Enterprises are now getting hip to this fact.

As enterprises move to the cloud, they are taking advantage of the centralized nature of public clouds and exploiting the security subsystems that exist there. However, it’s one thing to have a security service available, and it’s another thing to intelligently integrate those cloud security services into your application development and operations processes.

By integrating security into devops, I am talking about security testing, such as penetration testing, within the devops process and using the ability to check for other vulnerabilities at the time of deployment, as well as at the platform, application, and data tiers within the workloads.

A big bonus is the ongoing improvement of security within the DevOps process, in which each time a workload goes through a DevOps process, it becomes more secure than it had been.

In other words, integration of security into DevOps results in being much more proactive around security and always looking to improve security. Security needs to be systemic to all things cloud. And, in essence, DevOps teams become the first line of defense for what’s placed in the clouds for production, as well as how secure those production workloads are.

The integration of security teams, processes, and tools into DevOps is more than common sense, it should be mandatory for all enterprises moving to DevOps and cloud computing—which is pretty much everybody now.

This article originally appeared on InfoWorld and is reposted here with permission.

Share this


Related articles

 

12 Step Guide for Data Governance in a Cloud-First World

By Joey Jablonski

 

Pioneering Cloud in the Financial Services Industry

By Alexey Gerasimov

 

3 Arguments Against Enterprise SaaS That Fall Flat

By Mike Kavis

Related tags

DevOps   Security & Governance

David Linthicum

David Linthicum is an internationally recognized cloud computing expert and thought leader. With more than 13 books on computing, 3,000 published articles, 500 conference presentations and numerous appearances on radio and TV programs, David has spent the last 30 years teaching businesses how to use resources more productively.

Full bio and recent posts »



Find what you're looking for.

Visit The Doppler topic pages through the links below.

PLATFORMS

AWS
CTP
Docker
Google
IBM
Kubernetes
Microsoft Azure
OpenStack
Oracle
Rackspace

BEST PRACTICES

App Dev
App Migration
Disaster Recovery
Change Management
Cloud Adoption
Cloud Economics
Cloud Strategy
Containers
Data Integration
DevOps
Digital Innovation
Hybrid Cloud
Managed Services
Security & Governance

SUBJECTS

Big Data
Blockchain
Cloud Careers
CloudOps
Drones
HPC
IoT
Machine Learning
Market Trends
Mobile
Predictive Maintenance
Private Cloud
Serverless Computing
Sustainable Computing
TCO / ROI
Technical "How To" Vendor Lock-In

INDUSTRIES

Agriculture
Energy & Utilities
Financial Services
Government
Healthcare
Manufacturing
Media & Publishing
Software & Technology
Telecom

EVENTS

CES
DockerCon
Google NEXT
Jenkins
re:Invent


 

Get The Doppler

Join 5,000+ IT professionals who get The Doppler for cloud computing news and best practices every week.

Subscribe here


Services

Cloud Adoption
Application Migration
Digital Innovation
Compliance
Cost Control
DevOps
IoT

Company

Overview
Leadership
Why CTP?
News
Events
Careers
Contact Us

The Doppler

Top Posts
White Papers
Podcasts
Videos
Case Studies
Quarterly
Subscribe

Connect

LinkedIn
Twitter
Google +
Facebook
Sound Cloud

CTP is hiring.

Cloud Technology Partners, a Hewlett Packard Enterprise company, is the premier cloud services and software company for enterprises moving to AWS, Google, Microsoft and other leading cloud platforms. We are hiring in sales, engineering, delivery and more. Visit our careers page to learn more.

CWC-blue-01

© 2010 - 2019 Cloud Technology Partners, Inc., a Hewlett Packard Enterprise company. All rights reserved. Here is our privacy policy CTP, CloudTP and Cloud with Confidence are registered trademarks of Cloud Technology Partners, Inc., or its subsidiaries in the United States and elsewhere.

Do Not Sell My Personal Information

  • Home
  • Cloud Adoption
  • Digital Innovation
  • Managed Cloud Controls
  • The Doppler Report
  • Clients
  • Partners
  • About CTP
  • Careers
  • Contact Us
  • Most Recent Posts
  • All Topics
  • Podcasts
  • Case Studies
  • Videos
  • Contact
Our privacy statement has been changed to provide you with additional information on how we use personal data and ensure compliance with new privacy and data protection laws.  
Please take time to read our new Privacy Statement.
Continue