Categories
Company Formation

How to implement security in Devops [Video]

Cross-functional teams and security

Zimmerman’s first recommendation is the formation of cross-functional team security efforts. Training quality assurance and development teams in security responsibilities can ensure that everyone plays a role in maintaining security. This strategy, which Zimmerman categorizes under ‘organizational alignment’, ensures that everyone has a seat at the table and that security becomes everyone’s responsibility.

Frequent testing of business-critical apps

Zimmerman’s second recommendation is more frequent testing of business-critical applications. He suggests that pipeline integration might be an effective mechanism to achieve this. However, he warns that improper or incomplete planning can lead to misaligned strategies, which can halt the development pipeline and break workflows.

Shifting left or shifting everywhere

The third recommendation Zimmerman makes is the adoption of a ‘shift-left’ approach, or more recently, ‘’shift everywhere’. This security ideology focuses on finding and fixing defects earlier in the development process, which can help developers be more efficient with testing, remediation and shipping …

Watch/Read More