The Security Policy to Development Procedure Gap

May 21, 2018

The Security Policy to Development Procedure Gap

Research Director, Altaz Valani, offers expert advice on DevSecOps practices and what is needed to close the security policy-to-development procedure gap:  

Usually, when we talk about DevOps, there's an emphasis on development and operational activities. Often, a key focus is neglected: how we inject security into the DevOps context.

If we examine the confluence of events leading to the current issues we face around security and DevOps, two broad factors become clear. For one, security has been left behind in the DevOps discussion, as traditional (useful) security controls haven't fully migrated into the DevOps workflow. Secondly, for those teams that embed security into DevOps, the security mindset gets in the way of rapid release cycles. This leads to hasty or missed security reviews.

To read more, visit here: https://www.alienvault.com/blogs/security-essentials/the-security-policy-to-development-procedure-gap

Previous Article
'Shift Left' & the Connected Car - Security Compass COO Rohit Sethi on improving application security in the automotive industry
'Shift Left' & the Connected Car - Security Compass COO Rohit Sethi on improving application security in the automotive industry

Learn what security expert, Rohit Sethi has to say about connected car security.

Next Article
Security Compass Research Director, Altaz Valani quoted in The Enterprisers Project 'DevSecOps: 7 habits of strong security organizations'
Security Compass Research Director, Altaz Valani quoted in The Enterprisers Project 'DevSecOps: 7 habits of strong security organizations'

Learn what security expert, Altaz Valani has to say about DevSecOps.