Source: thenewstack.io
Why DevSecOps Is the New Bottleneck for Cloud Native TeamsCategory: Security, Terraform, encryption, automation
This post is the first of two posts on why DevSecOps can end up backfiring within cloud native organizations and what you can do about it. And there are some successes — AppSec and container security have certainly had their “shift left” moments, with tools like Snyk spearheading the way to put security tooling in the hands of developers.
In the past year, while building the Bridgecrew platform, we’ve talked with many teams to understand their cloud security wins and challenges.
We heard how some cloud native engineering and security teams are incorporating far-left DevSecOps in the cloud super successfully.
DevSecOps is supposed to fix this — integrating security into the development lifecycle by embedding into code review processes via CI/CD — but cloud security isn’t quite there.
In the past year, while building the Bridgecrew platform, we’ve talked with many teams to understand their cloud security wins and challenges.
We heard how some cloud native engineering and security teams are incorporating far-left DevSecOps in the cloud super successfully.
DevSecOps is supposed to fix this — integrating security into the development lifecycle by embedding into code review processes via CI/CD — but cloud security isn’t quite there.
Related Articles
Community Partners
DevOps Careers