Hot Button 2016: How DevOps and Automation Bolster Security and Compliance

devsecops-techbeaconAs 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 – Information Security (InfoSec) and compliance. Needless to say, both are critical to an enterprise (especially given past examples of data breaches and looming cybersecurity threats). As a result, the combination of InfoSec and DevOps practices can be viewed as counter-intuitive, since the ability to “go faster” can be seen as a potential risk to security mechanisms in place, and thus harder to ensure compliance and enable auditability.

However, we repeatedly heard a different story in 2015 – InfoSec teams are embracing DevOps as the practice that enables – and enforces – security and compliance requirements. But how?

To answer this question, I had the pleasure of working with TechBeacon on a new story for the ‘New Year’ that outlines the different ways of how DevOps is increasingly underpinning the security blanket for enterprise IT organizations. In fact, DevOps provides a huge opportunity for better security across an entire company. Many of the practices that come with DevOps, such as automation, emphasis on testing, faster feedback loops, improved visibility, collaboration, consistent release practices, and more, are fertile ground for integrating security and audit capabilities as a built-in component of your DevOps processes.

For the 9 ways that I think DevOps and automation bolster security and compliance, read the article on TechBeacon »

If you want to hear what other experts are saying on the subject, be sure to check out Episode 29 of our Continuous Discussions (#c9d9) video podcast where we talk with James DeLuccia and Jonathan McAllister about “Security & Compliance as part of your DevOps Processes.”

Anders Wallgren

Anders Wallgren is Chief Technical Officer of Electric Cloud. Anders brings with him over 25 years of in-depth experience designing and building commercial software. Previously, Anders held executive and management positions at Aceva, Archistra, Impresse, Macromedia (MACR), Common Ground Software and Verity (VRTY). Anders holds a B.SC from MIT.

By continuing to browse or by dismissing this alert you agree to the storing of first- and third-party cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. See privacy policy.