/ DevOps Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Automate or Die (RSA 2016)

DZone's Guide to

Automate or Die (RSA 2016)

Check out this quick interview with Adrian Sanabria of 451 Research about how automation is key to maintaining sustainable security.

by
·
Mar. 10, 16 · DevOps Zone ·
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Do you need to strengthen the security of the mobile apps you build? Discover more than 50 secure mobile development coding practices to make your apps more secure.

Image title

"Most companies out there are having trouble with resources," said Adrian Sanabria (@sawaba), Senior Security Analyst, 451 Research, who realizes throwing more bodies or money at an ever-growing security problem simply isn’t sustainable.

The solution is to automate, said Sanabria, or die. Sure, he’s aware most people are nervous about automation, but it’s necessary. The issue is securing your business. And, the attackers aren’t going to wait.

"Email is not a good API," said Sanabria in our conversation at the 2016 RSA Conference in San Francisco. The standard systems we have in place for securing, chains of human actions (e.g., downloading patches), and human-to-human commands (e.g., assigned tasks) have too many fail points and eat up far too much time.

APIs are the wave of the future, said Sanabria. We need tools and people who can automate things that integrate with all new technologies.

Sanabria is not lost on the obvious complications.

"There’s a constant balance between risk and disruption to the business, or disruption to the users, that you’re going to have to balance with automation," he said.

To start, look for the easy wins, such as compliance, said Sanabria.

It’s not agile IT. It’s not DevOps. It’s just security, added Sanabria. This is the new paradigm of security and that’s how we all have to address it. Automation is key to maintaining security.


Originally posted on CloudPassage

Check out tips for blazing the way from agile to DevSecOps with security built into your mobile app toolchain.

Like This Article? Read More From DZone

Automating Application Security In Modern Software Projects
DevSecOps: Catching Fire
DevSecOps: A More Deterministic Approach

Free DZone Refcard

Code Review Patterns and Anti-Patterns
DOWNLOAD
Topics:
security ,automation ,devops

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

DevOps Partner Resources

Collect, consolidate, index, search, and troubleshoot your servers' logs quickly using an intuitive, unified web client
How InfluxDB outperforms Cassandra by 20x for Time Series Data Management
The Importance of Historical Log Data
The DevOps Challenge: Open Source Security at Scale [Webinar]
DevSecOps Reference Architectures
Make Keys and Certificates Secure Without Breaking Your DevOps Practices
Why Time-Series DBs matter - How InfluxDB outperforms MongoDB by 3x
Secure Mobile Development Best Practices
The Transformative Technologies Driving DevOps
Analyze virtual machine workloads and host resource utilization on your vSphere environment
Incidents Are Costly. Prevention is Free. xMatters Free: on-call scheduling, notifications, and integrations
Want to build security into your mobile apps? Get this checklist of items to consider.

DevOps Partner Resources

Collect, consolidate, index, search, and troubleshoot your servers' logs quickly using an intuitive, unified web client
How InfluxDB outperforms Cassandra by 20x for Time Series Data Management
The Importance of Historical Log Data
The DevOps Challenge: Open Source Security at Scale [Webinar]

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone