DevOps Security Needs More Tooling – InApps Technology is an article under the topic Devops Many of you are most interested in today !! Today, let’s InApps.net learn DevOps Security Needs More Tooling – InApps Technology in today’s post !
Read more about DevOps Security Needs More Tooling – InApps Technology at Wikipedia
You can find content about DevOps Security Needs More Tooling – InApps Technology from the Wikipedia website
DevOps teams are involved with security but they need to do more. Two recent studies show that tooling is inadequate and that security is not properly integrated into the entire DevOps process.
A DevOps survey of over 1,000 IT pros by Logz.io found that DevOps handles security at 55 percent of organizations. The finding is unsurprising because 1) efforts to shift security left have often been implemented by DevOps teams responsible for interacting with the entire organization, and 2) 32 percent of the respondents were DevOps engineers. Whether or not this means these organizations actually do DevSecOps, 56 percent said they are at least beginning to implement the practice.
Source: The 2018 DevOps Pulse
Just like with DevOps, DevSecOps can be viewed as either a culture or set of tools. Culture is inoculated via training developers, On the software side, DevSecOps is sometimes defined by the use of automated security testing and code dependency testing. As a sign that current software can do more, 57 percent of the Logz.io respondents said there are not enough tools available to make them successful at DevSecOps.
A different survey by Freeform Dynamics, The Register and Checkmarx provides more perspective on how different teams have to work together to make DevSecOps work. When asked about software security challenges, 62 percent of respondents strongly agreed that developers, testers, security specialists and ops staff need to work together. This desire has yet to match reality. More than half (56 percent) believe that integration of security into the entire DevOps process is either poorly done or non-existent.
Software integrated into a CI/CD pipeline can address some of the need to integrate security into the entire DevOps process. Yet, if this is the case, does that mean that DevOps engineers will be stuck executing the security requirements of Information Security and babysitting Development? Stay tuned for the InApps Technology’s next installment in the ongoing DevSecOps saga.
Source: Managing Software Exposure
Feature image via Pixabay.
InApps Technology is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Checkmarx.
Source: InApps.net
Let’s create the next big thing together!
Coming together is a beginning. Keeping together is progress. Working together is success.
