DevOps Security Needs More Tooling – InApps Technology 2022

Main Contents:

DevOps Security Needs More Tooling – InApps Technology is an article under the topic Devops Many of you are most interested in today !! Today, let’s InApps.net learn DevOps Security Needs More Tooling – InApps Technology in today’s post !

Read more about DevOps Security Needs More Tooling – InApps Technology at Wikipedia

You can find content about DevOps Security Needs More Tooling – InApps Technology from the Wikipedia website

DevOps teams are involved with security but they need to do more. Two recent studies show that tooling is inadequate and that security is not properly integrated into the entire DevOps process.

A DevOps survey of over 1,000 IT pros by Logz.io found that DevOps handles security at 55 percent of organizations. The finding is unsurprising because 1) efforts to shift security left have often been implemented by DevOps teams responsible for interacting with the entire organization, and 2) 32 percent of the respondents were DevOps engineers. Whether or not this means these organizations actually do DevSecOps, 56 percent said they are at least beginning to implement the practice.

Source: The 2018 DevOps Pulse

Just like with DevOps, DevSecOps can be viewed as either a culture or set of tools. Culture is inoculated via training developers, On the software side, DevSecOps is sometimes defined by the use of automated security testing and code dependency testing. As a sign that current software can do more, 57 percent of the Logz.io respondents said there are not enough tools available to make them successful at DevSecOps.

A different survey by Freeform Dynamics, The Register and Checkmarx provides more perspective on how different teams have to work together to make DevSecOps work. When asked about software security challenges, 62 percent of respondents strongly agreed that developers, testers, security specialists and ops staff need to work together. This desire has yet to match reality. More than half (56 percent) believe that integration of security into the entire DevOps process is either poorly done or non-existent.

Software integrated into a CI/CD pipeline can address some of the need to integrate security into the entire DevOps process. Yet, if this is the case, does that mean that DevOps engineers will be stuck executing the security requirements of Information Security and babysitting Development? Stay tuned for the InApps Technology’s next installment in the ongoing DevSecOps saga.

Source: Managing Software Exposure

Feature image via Pixabay.

InApps Technology is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Checkmarx.

Source: InApps.net

Rate this post

Phu Nguyen

As a Senior Tech Enthusiast, I bring a decade of experience to the realm of tech writing, blending deep industry knowledge with a passion for storytelling. With expertise in software development to emerging tech trends like AI and IoT—my articles not only inform but also inspire. My journey in tech writing has been marked by a commitment to accuracy, clarity, and engaging storytelling, making me a trusted voice in the tech community.