Security + DevOps: How to Get it Right
Security + DevOps: How to Get it Right
Learn about the best practices for enforcing security and ensuring compliance and auditability as part of your DevOps processes.
Join the DZone community and get the full member experience.
Join For FreeLearn more about how CareerBuilder was able to resolve customer issues 5x faster by using Scalyr, the fastest log management tool on the market.
The pervasiveness of software is driving the dynamics of business transactions everywhere. We live in a time of a highly competitive and truly global economy where the question being answered among businesses now is n “who can innovate the fastest?”
To keep pace with the increasing velocity of software updated being introduced to the market, enterprises embrace DevOps and Continuous Delivery practices, along with implementing a fully-automated software delivery process, in order to keep up with the demand to go faster. .
But DevOps and the automation of build, test and deployment processes also shine a light on another ever-present and evolving business factor – security and compliance.
James DeLuccia, author of IT Compliance and Controls: Best Practices for Implementation – and a panelist on the upcoming #c9d9 next week on Security and Compliance in DevOps — wrote a great article in the WSJ about how this IT transformation paradigm is affecting the financial services industry specifically and the how audit and compliance functions evolves as a result.
Information Security (InfoSec) and compliance are critical to businesses across the globe, especially given past examples of data breaches and looming cybersecurity threats. As a result, InfoSec has initially looked at DevOps – and the ability to “go fast” – as a risk to security controls, and ensuring compliance and auditability.
However, we increasingly see InfoSec teams embracing DevOps as the practice that enables – and enforces – security and compliance requirements. Enterprises that have taken the “DevOps plunge” have shown – consistently – that automation, improved visibility, collaboration, consistent release practices, and other DevOps practices actually mitigate potential security problems, discover issues faster and address threats more quickly, while maintaining high velocity and fast time-to-market on the side of the business.
Want to learn more about this topic and join the conversation? Join James DeLuccia, Jonathan McAllister (author of Mastering Jenkins, automator and business consultant), Nikhil Vaze and me on Tuesday, November 24 – as Continuous Discussions (#c9d9) discusses the best practices for enforcing security and ensuring compliance and auditability as part of your DevOps processes.
Find out more about how Scalyr built a proprietary database that does not use text indexing for their log management tool.
Like This Article? Read More From DZone
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}