Category: Security, Infrastructure, Architecture, Automation

This post is the second of two parts on why DevSecOps can end up backfiring within cloud native organizations and what you can do about it. DevSecOps is intended to create processes and knowledge to share between engineering and security teams, but it can also create more work and friction.

You’re probably automating much of your software testing — from unit testing to dependency scanning — and cloud security should be no different.

Although better visibility into and understanding of your cloud security posture is a plus overall, it has to be in service of efficiently improving that posture over time.

Enforcing policies at the code layer ensures that cloud security is consistently applied and enables it to scale throughout the environment over time.
