From the Blogosphere
What Is DevSecOps? How to Automate Security Testing | @DevOpsSummit #DevOps #Security
Software applications are complex and can potentially have lots of different types of security issues
By: Stackify Blog
Aug. 22, 2017 05:00 PM
What Is DevSecOps? How to Automate Security Testing
Every company wants to see their company getting press and media attention. Unless it is due to a hacker and a security breach. Every few weeks you see in the media stories of companies who were hacked. Getting a new credit card every few months because the data was hacked has been routine for most of us. The more that our world revolves around the internet and technology, the more cyber security becomes a big deal.
Software applications are complex and can potentially have lots of different types of security issues. The issues range from bad code to misconfigured servers and everything in between. Solving this problem requires everyone to always be thinking about security implications of what they are working on. DevSecOps is a new movement to do just that. The goal is to get developers to be thinking more about security principles and standards as they are building their applications.
Integrating DevOps + Security = DevSecOps
Adding security to this same automation is the goal of DevSecOps. Companies want to create strong security policies and standards without slowing down the development process. Security has to be part of the process and automated to not slow us down.
Things like DevOps and DevSecOps continue to change the meaning of the software development life cycle (SDLC). This image does a good job of visualizing it.
Tools for Automating Security Testing
Hopefully, this gives you some ideas of the types of security testing and automation that can be built into your development process. Check out this list on GitHub which provides a huge list of tools and resources.
Security Unit Tests
For example, as part of your deployment process perhaps you provision new servers or deploy some Docker containers. You could then automatically run some various basic security tests.
The post What is DevSecOps? How to Automate Security Testing appeared first on Stackify.
Latest AJAXWorld RIA Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week