DevSecOps is now clearly established as an essential approach to build in security early in an application's lifecycle. The necessary tooling is also available to integrate security activities in modern software delivery pipelines. Yet we keep hearing about high profile breaches in the news (from which you might or might not want to think about how many lower-profile breaches happen on a regular basis). Why are the tools not enough?
With this eMag, we present you expert security advice on how to effectively integrate security practices and processes in the software delivery lifecycle, so that everyone from development to security and operations understands and contributes to the overall security of the applications and infrastructure.
Free download
The InfoQ eMag - DevSecOps in Practice includes:
- The Three Faces of DevSecOps - DevSecOps is here to stay, as more vendors use the term. But what is it? A security solution that supports DevOps technologies, or adapts to DevOps methodologies, or embraces the DevOps philosophy?
- Five Lessons Security Can Learn from DevOps - New approaches in security are needed to address the challenges of DevOps. They must incorporate practices that rely on modularity, automation, standardization, auditability, and mirrored systems.
- A Security Approach for a Cloudy World: An Interview with Pete Cheslock - Does your approach to application and data center security change when adopting cloud services? InfoQ reached out to Pete Cheslock, from Threat Stack to learn more.
- A 4-Step Guide to Building Continuous Security into Container Deployment - Containers face security risks at every stage, from building to shipping to the run-time production phases. Securing them requires a layered strategy throughout the stack and the deployment process.
- Developing a Secure and Scalable Web Ecosystem at LinkedIn - LinkedIn’s hyper-growth placed strains on the organization’s infrastructure. A new release model was instrumental to scale and led to increased code quality, security, and member satisfaction.
InfoQ eMags are professionally designed, downloadable collections of popular InfoQ content - articles, interviews, presentations, and research - covering the latest software development technologies, trends, and topics.