Putting Security Into DevOps
Can DevOps be one of the most disruptive trends ever to hit software development, or even application security?
What you will learn
In this research paper, "Putting Security Into DevOps," analyst firm Securosis assesses how DevOps enables developers to integrate security testing, validation and monitoring into both application development and deployment. The paper will dive into the components of the current DevOps framework and how to put security into the processes of DevOps, as well as the pre-cursor steps of continuous integration and continuous deployment.
In this paper, security professionals who work with DevOps development teams, as well as developers and operational teams new to security, will learn about:
- Prevalent operational challenges DevOps addresses, such as process bottlenecks, technical debt and security
- Various touchpoints through which teams can map these processes into the secure software development lifecycle
- Embedding security into the DevOps framework through various testing and monitoring techniques, such as static analysis and vulnerability analysis
- Approaches and best practices for supporting DevOps and making security part of the operational process of integrating and delivering code