Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

There Is No ''Time'' for Security [Video]

DZone's Guide to

There Is No ''Time'' for Security [Video]

As the pace of technology intensifies, the old way of thinking about security doesn't cut it, especially when it comes to the cloud. It has to be built-in, and everyone plays a part.

· Cloud Zone
Free Resource

Are you joining the containers revolution? Start leveraging container management using Platform9's ultimate guide to Kubernetes deployment.

“There’s less and less separation between building out the application and building out the infrastructure. Security has to be built in. It has to be automated. It’s no longer something we deploy manually,” said Adrian Sanabria (@sawaba), senior security analyst, 451 Research in our conversation at the Black Hat USA 2016 conference in Las Vegas. “We deploy [security] with APIs just like we deploy our infrastructure with APIs.”

The buyer of security products is changing as well. For example, an automation engineer could be responsible for purchasing a security product, said Sanabria. As IT changes so does security. It’s now everybody’s problem and job function.

How do you manage security where the old way of thinking doesn’t apply anymore?

Infrastructure is now code in the cloud. There are different roles deploying infrastructure. Because of that, we need those roles involved in security, said Sanabria.

There’s no opportunity to wait for security, hand it off to someone and wait for them to respond, he added. Security has zero time. It has to be done as the project progresses.

To combat this “we’re seeing more tools where security checks are automatically done as developers write code and as they deploy code,” said Sanabria.

“In the past security was more of a ‘what product do you buy to solve this problem.’ Now it’s do we build a solution or do we buy? And if we buy how do we integrate that into the workflows and the processes we already set up?” asked Sanabria.


Using Containers? Read our Kubernetes Comparison eBook to learn the positives and negatives of Kubernetes, Mesos, Docker Swarm and EC2 Container Services.

Topics:
cloud security ,infrastructure

Published at DZone with permission of David Spark. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}