
This post is from the CollabNet VersionOne blog and has not been updated since the original publish date.

Last Updated Sep 28, 2016 — Enterprise Agile Planning expert

Fixing Flaws: Bridging InfoSec and DevOps


As software makes its way into every industry—from FinServ to FedTech—it’s become increasingly important to ensure that high security standards are being met from development through deployment. A breach today could potentially impact millions of people across the globe. It can not only create infamy for the breached organization, but also result in lost revenues and put jobs on the line.

One way organizations achieve high levels of security and compliance is by implementing DevOps practices. To explain how DevOps can increase the synchronization between InfoSec and Development, CollabNet Information Security Officer Ward Osborne recently contributed a great article on the topic to DevOps.com. It outlines for CIOs and CTOs best practices for getting teams working together to increase security throughout the entire software delivery pipeline.

Below is an excerpt from Ward’s article, which can be read in full here.

“As DevOps continues to expand across verticals, including the financial and government sectors, security has become paramount in the minds of CIOs and CTOs. As such, more organizations have begun to integrate security early in the development process. While security always has been a theoretical part of DevOps, the number of breaches making headlines recently and costing many IT professionals their jobs has taught us that now it is more important than ever for companies to build security into each and every methodology and practice. “Build it in from the start” is a fitting mantra for any developer today—and even more so for his or her boss.

Creating more secure code for products and platforms starts from day one in the planning stages, and some industries are doing it better than others. You must include security—not just in the end product and late development stages, but also throughout the life cycle. Organizations can do this by employing a defined methodology and unified tools that support that methodology, so developers make security not only a consideration for their end products, but something fundamentally baked into their builds.

To achieve this harmony between Development and InfoSec, developers and Operations staff must be included in decisions about tools, standards, and methodologies that the organization will follow. They need to understand what requirements are coming down the road, so they can recognize the need to address those requirements in advance, rather than being caught off-guard by problems or issues after the fact.”

Thanks to Ward for authoring this insightful article. We’re looking forward to providing more meaningful and useful articles like this one on the latest trends in software delivery. Stay tuned.

 
