BT

New Early adopter or innovator? InfoQ has been working on some new features for you. Learn more

RSA Panelists Reinforce that DevOps Boosts Application Security

| by Matthias Marschall Follow 0 Followers on Mar 31, 2013. Estimated reading time: 1 minute |

Smaller releases, automated testing, and a culture that embraces security are the reasons why panelists at the RSA 2013 conference say that DevOps can be a huge boon for application security.

Nick Galbreath, vice president of engineering for IPONWEB, has studied DevOps organizations. He finds it amazing that DevOps organizations have a culture that embraces security even though their high deploy rates of new code into production could jeopardize application security.

Josh Corman, director of security intelligence for Akamai Technologies, emphasizes that rapid deployments offer more opportunities to fix issues quickly. He even goes one step further claiming that complexity is the enemy of stability. A DevOps approach reduces complexity due to less code changes going live. And David Mortman, chief security architect for enStratus, adds that less code leads to less complexity and less security bugs.

Another way how DevOps supports application security is the possibility to add security unit tests and functional tests, said Mortman. This approach is not new: Nick Galbreath presented this idea at DevOpsDays Austin 2012 during his talk about "DevOpsSec: Appling DevOps Principles to Security".

In his book "The Phoenix Project" Gene Kim picks the integration of application security into a DevOps culture out as a central theme.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT