Source: thenewstack.io
Addressing Security Throughout the Infrastructure DevOps LifecycleCategory: Security, Infrastructure, encryption, github, gitlab, bitbucket
This is a practical post on why and how to address cloud security at each step of the infrastructure development lifecycle, from infrastructure-as-code in your IDE to running cloud resources.
Whether you call it developer-first security, DevSecOps, or “shift left,” this approach provides a solution to two pervasive challenges with DevOps and cloud native methodologies: Piggy-backing off the increased use of cloud configuration frameworks and infrastructure-as-code (IaC), the “shift left” approach promises improved efficiency and decreased risk.
Keep in mind that developer-first security doesn’t preclude “traditional” cloud security methods — namely monitoring running cloud resources for security and compliance misconfigurations.
The other benefit of embedding infrastructure security into the CI/CD pipeline is that it’s automated and can be fully customized for your workflow.
If you can provide fixes, in addition to detection to and from the same stage, your task is that much easier.
Whether you call it developer-first security, DevSecOps, or “shift left,” this approach provides a solution to two pervasive challenges with DevOps and cloud native methodologies: Piggy-backing off the increased use of cloud configuration frameworks and infrastructure-as-code (IaC), the “shift left” approach promises improved efficiency and decreased risk.
Keep in mind that developer-first security doesn’t preclude “traditional” cloud security methods — namely monitoring running cloud resources for security and compliance misconfigurations.
The other benefit of embedding infrastructure security into the CI/CD pipeline is that it’s automated and can be fully customized for your workflow.
If you can provide fixes, in addition to detection to and from the same stage, your task is that much easier.
Related Articles
Community Partners
DevOps Careers