DevOps is the hottest moving target when it comes to software development methodologies. Many people fear that this fast-paced, barrier-breaking movement will leave information security best practices in the dust. Analysts provide recommendations to security professionals using bingo-laden terms like “moving security to the left” or “get a seat at the table.” What we need are real-world examples and tactics for security practitioners to be part of DevOps.
In his session at DevOps Summit, Andrew Storms, a DevOps and Information Security professional, discussed how DevOps done right with the inclusion of Information Security, produces products and processes with the potential to be even more secure.