It’s no secret that devops and IT security, like oil and water, are hard to mix. After all, devops is all about going fast, while security is all about proceeding carefully. However, both devops and security serve a higher authority—the business—and the business will be served only if devops and security learn to get along.
Security can (and should) be baked into the devops process, resulting in what is often referred to as devsecops. IT security teams are obliged to understand how applications and data move from development and testing to staging and production, and to address weaknesses along the way. At the same time, devops teams must understand that security is at least partly their responsibility, not merely slapped onto the application at the very end. Done right, security and devops go hand in hand.
To read this article in full or to leave a comment, please click here