DevSecOps: The Marriage of SecOps and DevOps

IT and software development, departments that have historically had a somewhat contentious relationship, are on a collision course – and at the center of this convergence is security.The rapid adoption of public cloud infrastructure is enabling new levels of cost efficiency, business agility and development capability for organizations of all sizes.Now, with just a few clicks or API calls, any business has access to world-class infrastructure and scale, enabling new ideas and services to be built and released as fast as agile development and DevOps teams can deploy.While enterprises continue to embrace cloud technologies, automation, and Agile and DevOps practices, IT departments must adapt to support and embrace these new models or risk becoming irrelevant.In traditional datacenter environments, perimeter security controls and pervasive appliance-based security tools dominate the conversation.When the control of complex infrastructure moved outside of the company datacenter, however, the methodologies for securing infrastructure changed forever.They enabled new capabilities such as on-demand scaling, micro-perimeterization of security controls, per-resource granular security policies, and much more that can be used advantageously in complex environments.These controls can be tightly integrated to your CI/CD pipeline and become operationalized much like monitoring, APM, and other tools that DevOps teams live by.We’re now seeing a new “marriage” of SecOps and DevOps that is creating a whole new mentality for driving innovation inside and outside of organizations. DevOps and security teams are now actively collaborating as peers, rather than in the traditional requestor/approver relationship, and making a seat at the table for security professionals.With the rise of DevSecOps, we get to truly redefine how operations, engineering, and security can be brought together in harmony to achieve unparalleled success. DevSecOps is propelling forward-thinking organizations by doing something simple — fostering collaboration of seemingly contradictory teams to align their disparate goals into a singular effort.Join us at BSidesSF on Sunday, February 28, 2016 at the DNA Lounge in San Francisco where we will discuss how DevSecOps is accelerating security intelligence to keep pace with the continuously updated environments, and enables teams to detect problems sooner, respond faster, and protect their resources more effectively.This talk will commence at 5:30pm sharp – see you there! 


About the Author: CEO Tim Prendergast co-founded to help others avoid the pain he endured when helping Adobe adopt the cloud at a massive level. After years of building, operating, and securing services in AWS, he set out to make security approachable and repeatable for companies of all sizes. Prendergast also led technology teams at Adobe, Ingenuity, Ticketmaster, and McAfee. Tim has spoken at dozens of conferences such as AWS re:Invent, multiple CSA Summits including CSA Federal, the Defrag Conference, and the Velocity Conference, to name a few.Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.Title image courtesy of ShutterStock 

Leave a Reply