Skip links

The best Security breach For DevOps Transformation

Home » Blogs » The best Security breach For DevOps Transformation

The best security breach for a devops transformation. Qualys hosted its Qualys Security Conference 19 this week in Las Vegas. Hundreds of attendees from around the world have gathered at the Bellagio hotel. Learn more about the current state of and what the future has in store. As you might expect, given the technology landscape today, many of the sessions and discussions have revolved around DevOps benefits. And how can adapt to DevOps culture.

Shifting Technology Ecosystem integration

Scott Crawford, research vice president at 451 Research. Opened day two of the Qualys Security Conference with his keynote, “The Road Ahead for Security, IT, and DevOps.” Crawford talked about the dramatic changes over the last decade or so—from monolithic to microservices. Standalone applications to integrated software, from Waterfall to Agile, enterprise networks to IoT / OT, from standard networks to 5G wireless.And from traditional IT to DevOps. He discussed the challenges organizations face and the dilemma of doubling down on past success and missing out on innovation. The best security breach for a devops transformation

With all of the changes from this shifting technology ecosystem, there are consequences. Organizations no longer have a single point of control and IT teams. Faced with managing and protecting an increasingly complex web of interconnected platforms, applications and services.

Security and DevOps

Crawford also talked about the rise of zero trust. The best security breach for a devops transformation. He described it as a sort of mashup of the concept of least privileged access. Combined with behavioral analytics and an on-demand, just-in-time approach to managing access. The zero trust paradigm is based on the premise of never trust. Determining who is requesting access, under what conditions they’re requesting access What actions they intend to perform with that access on a case0-by-case basis.

He shared the Xebia Labs Periodic Table of DevOps tools to illustrate. The overwhelming number of options available and stressed the importance of automation. CI/CD (continuous integration/continuous deployment), RPA (robotic process automation), and SOAR (security orchestration, automation and response). Solutions have been developed to help address and manage some of the complexity of both DevOps deployments and cybersecurity. The best security breach for a devops transformation.

Qualys hosted its Qualys Security Conference 19 this week in Las Vegas. Hundreds of attendees from around the world have gathered at the Bellagio hotel to learn more about the current state. Cybersecurity and what the future has in store. As you might expect, given the technology landscape today, many of the sessions and discussions have revolved. Around DevOps and how cybersecurity can adapt to DevOps culture.Recent Posts By Tony Bradley

The Shifting Technology Ecosystem

Scott Crawford, research vice president at 451 Research. Opened day two of the Qualys Security Conference with his keynote, “The Road Ahead for Security, IT, and DevOps.” Crawford talked about the dramatic changes over the last decade or so—from monolithic to microservices. Standalone applications to integrated software, from Waterfall to Agile, enterprise networks to IoT / OT, from standard networks to 5G wireless.And from traditional IT to DevOps. He discussed the challenges organizations face and the dilemma of doubling down on past success and missing out on innovation. The best security breach for a devops transformaation.

With all of the changes from this shifting technology ecosystem, there are consequences. Organizations no longer have a single point of control and IT teams are faced with managing and protecting an increasingly complex web of interconnected platforms, applications and services.the best security breach for a devops transformaation.

Security and DevOps

Crawford also talked about the rise of zero trust. The best security breach for a devops transformation.He described it as a sort of mashup of the concept of least privileged access. Combined with behavioral analytics and an on-demand, just-in-time approach to managing access. The zero trust paradigm is based on the premise of never trust and that means determining who is requesting access. Under what conditions they’re requesting access and what actions they intend to perform access on a case0-by-case basis.

He shared the Xebia Labs Periodic Table of DevOps tools to illustrate the overwhelming number of options available and stressed the importance of automation. CI/CD (continuous integration/continuous deployment), RPA (robotic process automation), and SOAR (security orchestration, automation and response) solutions have been developed to help address and manage some of the complexity of both DevOps deployments and cybersecurity.

 Devops and Digital Transformation

Crawford’s keynote was followed by a presentation titled, “The DevOps Transformation of the Qualys Platform: Lessons Learned.” Dilip Bachwani, senior vice president of engineering and cloud operations for Qualys, talked about how the company has addressed the “innovator’s dilemma” and steps it has taken to deal with growing pains as it goes through its own digital transformation.

Bachwani explained that the engineering team at Qualys has expanded exponentially in a relatively short period. That comes with several benefits in terms of how quickly they can develop and implement new solutions, but the team also faced challenges with balancing that growth and trying to maintain velocity at the same time without sacrificing stability or reliability.

Just like every other organization going through a DevOps transformation, Qualys has had to break down silos with people, processes and tools. Bachwani explained that they needed to do things differently to automate as many functions as possible. They decided to view infrastructure and operations as software problems and find ways to fully automate deployment and configuration.

He also emphasized that security must be built in throughout the DevOps life cycle. Qualys adopted a hub-and-spoke DevOps model and developed a robust DevOps toolchain designed to combine and orchestrate an effective set of tools for developing, delivering and maintaining software. Having a standardized toolchain ensures that there is a common platform available to everyone.

Accelerating Transformation With Citizen Developers

At the end of Crawford’s keynote, he talked about the lack of people with the right knowledge and skills. Cyber Security Ventures predicts that there will be 3.5 million unfilled cybersecurity jobs by 2021. That’s just cybersecurity. What about developers and other key personnel? Crawford posed the question, “Where will we find the people to do it all?”

The answer, he said, is citizen developers. What is a citizen developer? It’s a movement to empower employees who are not developers by trade with the tools and support to implement ideas. They are the ones closest to the problem and, arguably, best equipped to understand how to solve it. They don’t need to be professional developers or need experience with coding environments. Low-code and no-code platforms give them the power to turn ideas into solutions. The best security breach for a devops transformaation.

Citizen Development Movement

A few years ago, George Hulme wrote an article on the growing citizen developer movement. Hulme noted, “The organizations that succeed with citizen development will be those that wholeheartedly embrace the movement and cultivate it, with IT’s help and guidance.”

The DevOps revolution isn’t going away. Companies that don’t embrace digital transformation will likely fade into oblivion as they are left in the dust by more innovative competitors, and organizations that don’t figure out how to integrate security into the fabric of their culture will struggle against a rapidly expanding and evolving threat landscape. The best security breach for a devops transformaation.

At this point, these things are like the ocean tide. It is coming whether you like it or not, and it will destroy those who are not prepared. Crawford wrapped up by asking the audience to consider what their role is going to be in building and maintaining the future of DevOps and cybersecurity.

This content is taken from  https://devops.com/  If you want to report please email at help@rpaperks.com

Leave a comment

Name*

Website

Comment

Bitnami