Infosec expert viewpoint: DevOps security

In talking to companies all over the U.S, it is almost unanimous that DevOps is here to stay. DevOps modernizes the software development life cycle and deployment to account for the way businesses are run. I would say 90-95% of enterprise companies have some sort of DevOps initiative and are investing significant time and resources into the DevOps initiative. Organizations that have truly implemented DevOps are already seeing significant results in terms of application quality and speed to market. Along with the benefits of creating effective and efficient software applications, DevOps can ensure organizations are secure by simply following the integration and automation process that already exists within development. If security is bolted on as an addition or implemented outside of the DevOps process – instead of automated like CI/CD and baked into the practice – it will not be successful. This removes the manual aspect of security testing which produces push back from developers and DevOps players. However, DevOps players are not security experts and their primary goal is releasing quality software faster.
Skip to content