IT and software development, departments that have historically had a somewhat contentious relationship, are on a collision course – and at the center of this convergence is security.
The rapid adoption of public cloud infrastructure is enabling new levels of cost efficiency, business agility and development capability for organizations of all sizes.
Now, with just a few clicks or API calls, any business has access to world-class infrastructure and scale, enabling new ideas and services to be built and released as fast as agile development and DevOps teams can deploy.
While enterprises continue to embrace cloud technologies, automation, and Agile and DevOps practices, IT departments must adapt to support and embrace these new models or risk becoming irrelevant.
In traditional datacenter environments, perimeter security controls and pervasive appliance-based security tools dominate the conversation.
When the control of complex infrastructure moved outside of the company datacenter, however, the methodologies for securing infrastructure changed forever.
They enabled new capabilities, such as on-demand scaling, micro-perimeterization of security controls, per-resource granular security policies, and much more, that can be used advantageously in complex environments.
These controls can be tightly integrated to your CI/CD pipeline and become operationalized much like monitoring, APM and other tools that DevOps teams live by.
We’re now seeing a new “marriage” of SecOps and DevOps that is creating a whole new mentality for driving innovation inside and outside of organizations. DevOps and security teams are now actively collaborating as peers, rather than in the traditional requestor/approver relationship, and making a seat at the table for security professionals.
With the rise of DevSecOps, we get to truly redefine how operations, engineering and security can be brought together in harmony to achieve unparalleled success.
DevSecOps is propelling forward-thinking organizations by doing something simple – fostering collaboration of seemingly contradictory teams to align their disparate goals into a singular effort.
If you’re already using DevOps tools, I hope this gave you some ideas of how Tripwire can work with your tools and process.