…Linking Development and Security…
This conversation with Doug Cahill examines the crucial – but all-too-often overlooked – necessity for cooperation between DevOps and Security teams. While there’s pretty much universal agreement that built-in security is better than bolted-on security, nonetheless the apparently (or at least potentially) competing objectives of DevOps (faster, faster, leaner) and Security (careful, careful, preclude risk) can appear to run counter to everyone’s desires.
Doug does not merely point out that security must be a shared responsibility (true as that may be) but also covers specific ways to get started and highlights the mutually beneficial pay-offs that can accrue to both groups (and hence the overall organization) when this is done properly. It means starting by concentrating on the people and processes at least as much as the technology.
We hope you find this video discussion useful. We will expand – and update – the series regularly.
You can read much more about this pragmatic and beneficial approach in Doug’s recent article published on CSHub, Five Ways to Get Started with DevSecOps. Please feel free to reach out to Doug Cahill or me, Mark Peters, to discuss any of these topics in more depth.
To read the complete article, CLICK HERE