This is the second in a three-part series on continuous security. In the first part (https://thenewstack.io/what-good-security-looks-like-in-a-cloudy-world/), we outlined Jit’s philosophy behind https://jit.io, and how elite, modern engineering teams that embrace this approach will actually increase velocity, despite the common misconception that security bogs down engineering.
Continuous security also consists of a few pillars that help bring security closer to engineering practices and unleash the true potential of developer-owned security.
The first pillar of continuous security is security as code (SaC), which is aligned with developer workflows and provides fixes to known problems throughout the coding process.
Continuous security is made possible by breaking down the formerly daunting domain of security into developer-centric language, tools, workflows and processes.