{"id":1032,"date":"2020-06-15T16:17:31","date_gmt":"2020-06-15T10:47:31","guid":{"rendered":"https:\/\/www.trendstechblog.com\/?p=1032"},"modified":"2020-06-15T16:18:11","modified_gmt":"2020-06-15T10:48:11","slug":"devops-should-focus-more-on-security","status":"publish","type":"post","link":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/","title":{"rendered":"DevOps Should Focus More On Security"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_58 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-655dd1812bea1\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-655dd1812bea1\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#Security_And_Software_Development\" title=\"Security And Software Development\">Security And Software Development<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#When_It_Comes_To_Safety_And_Speed_Matters\" title=\"When It Comes To Safety And Speed Matters\">When It Comes To Safety And Speed Matters<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#Shift_Left_Shift_To_The_Beginning\" title=\"Shift Left Shift To The Beginning\">Shift Left Shift To The Beginning<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#Analysis_Of_Threats\" title=\"Analysis Of Threats\">Analysis Of Threats<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#Comprehensive_DevSecOps\" title=\"Comprehensive DevSecOps\">Comprehensive DevSecOps<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Security_And_Software_Development\"><\/span>Security And Software Development<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology has not been the focus of the developers&#8217; thinking process. This can lead to many gaps in deployed applications, as Palo Alto Networks reports. DevOps needs to change the approach to security. By integrating security during the build time, <a href=\"https:\/\/en.wikipedia.org\/wiki\/DevOps\"><span style=\"color: #0000ff;\"><strong>DevOps<\/strong> <\/span><\/a>teams can gain additional valuable insights to ensure security.<\/p>\n<p>But what are the changes required and what impact will they have on the security architecture and operations? What needs to stay the same and what needs to be changed. Palo Alto Networks takes a close look at the relationship between DevOps and security.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"When_It_Comes_To_Safety_And_Speed_Matters\"><\/span>When It Comes To Safety And Speed Matters<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Even with manual approval points built into the workflow, traditional security operating models will be a bottleneck. To work effectively, security teams need to implement the DevOps model and integrate security to deliver tests and controls as part of the pipeline. This will require the introduction of some new tools, a shift in operational practices, and some new skills. In a company controlled by DevOps, this is the only way for a responsible team to ensure the protection of the company.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Shift_Left_Shift_To_The_Beginning\"><\/span>Shift Left Shift To The Beginning<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The &#8220;shift of security to the left&#8221; means that security considerations are included early in the software delivery lifecycle, as far to the left as possible in the timeline. This makes sense because some security weaknesses are easier to spot during the design phase of application development &#8211; and much less expensive to fix &#8211; than after the software was deployed.<\/p>\n<p>However, what this cannot mean is the full delegation of responsibility for application and runtime security to a development team. Security and development teams need to work together to identify threats and controls earlier and incorporate security testing into the software deployment workflow. The specific tools a team of developers needs to automate security testing are available, even if they&#8217;re not used everywhere.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Analysis_Of_Threats\"><\/span>Analysis Of Threats<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Developers take more responsibility for the runtime stack on which their code is executed. They use approaches such as Infrastructure-as-Code to define an entire running application environment, or Docker files to define their application containers. In return, security teams need to understand the potential threats within these development environments. You need to provide tools that can be integrated at the earliest stages of application coding. In this way, teams can identify unsafe configurations so that they can be fixed before the first code is submitted.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Comprehensive_DevSecOps\"><\/span>Comprehensive DevSecOps<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The software delivery model inspired by DevOps is becoming increasingly popular. Therefore, the other parts of IT, particularly security, have to adapt to faster development cycles and new attack vectors within a highly automated software delivery pipeline. This should be done in addition to implementing security best practices and keeping up with the ever-changing threats and compromise techniques. The only risk that decreases in contrast to cyber threats is that you have nothing to do in terms of security because there is still a lot to do.<\/p>\n<p><strong><span style=\"color: #0000ff;\">Aslo Read: <a style=\"color: #0000ff;\" href=\"https:\/\/www.trendstechblog.com\/the-wallpaper-that-can-make-an-android-mobile-phone-collapse\/\">The Wallpaper That Can Make An Android Mobile Phone Collapse<\/a><\/span><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security And Software Development In companies that use the DevOps methodology, it has changed the way applications are developed. However,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":1033,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[169],"tags":[190,191,192],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DevOps Should Completely Focus More On Security<\/title>\n<meta name=\"description\" content=\"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DevOps Should Completely Focus More On Security\" \/>\n<meta property=\"og:description\" content=\"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Trends Tech Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-15T10:47:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-06-15T10:48:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/DevOps-should-focus-more-on-security-Jpg.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"675\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TrendsTechBlog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@trendstechblog\" \/>\n<meta name=\"twitter:site\" content=\"@trendstechblog\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TrendsTechBlog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\"},\"author\":{\"name\":\"TrendsTechBlog\",\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1\"},\"headline\":\"DevOps Should Focus More On Security\",\"datePublished\":\"2020-06-15T10:47:31+00:00\",\"dateModified\":\"2020-06-15T10:48:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\"},\"wordCount\":532,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1\"},\"keywords\":[\"DevOps\",\"DevopsSecurity\",\"DevSecOps\"],\"articleSection\":[\"SECURITY\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\",\"url\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\",\"name\":\"DevOps Should Completely Focus More On Security\",\"isPartOf\":{\"@id\":\"https:\/\/www.trendstechblog.com\/#website\"},\"datePublished\":\"2020-06-15T10:47:31+00:00\",\"dateModified\":\"2020-06-15T10:48:11+00:00\",\"description\":\"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.trendstechblog.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SECURITY\",\"item\":\"https:\/\/www.trendstechblog.com\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"DevOps Should Focus More On Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.trendstechblog.com\/#website\",\"url\":\"https:\/\/www.trendstechblog.com\/\",\"name\":\"Trends Tech Blog\",\"description\":\"Daily Tech Updates\",\"publisher\":{\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.trendstechblog.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1\",\"name\":\"TrendsTechBlog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/Trends-Tech-Blog-Logo.png\",\"contentUrl\":\"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/Trends-Tech-Blog-Logo.png\",\"width\":280,\"height\":70,\"caption\":\"TrendsTechBlog\"},\"logo\":{\"@id\":\"https:\/\/www.trendstechblog.com\/#\/schema\/person\/image\/\"},\"description\":\"TrendsTechBlog it's a Technologies Related that gives the Technology News, Business, Gadgest, Digital, Mobiles, Social Media, AI. Latest Trends and Up coming News.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DevOps Should Completely Focus More On Security","description":"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/","og_locale":"en_US","og_type":"article","og_title":"DevOps Should Completely Focus More On Security","og_description":"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.","og_url":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/","og_site_name":"Trends Tech Blog","article_published_time":"2020-06-15T10:47:31+00:00","article_modified_time":"2020-06-15T10:48:11+00:00","og_image":[{"width":1280,"height":675,"url":"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/DevOps-should-focus-more-on-security-Jpg.jpg","type":"image\/jpeg"}],"author":"TrendsTechBlog","twitter_card":"summary_large_image","twitter_creator":"@trendstechblog","twitter_site":"@trendstechblog","twitter_misc":{"Written by":"TrendsTechBlog","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#article","isPartOf":{"@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/"},"author":{"name":"TrendsTechBlog","@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1"},"headline":"DevOps Should Focus More On Security","datePublished":"2020-06-15T10:47:31+00:00","dateModified":"2020-06-15T10:48:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/"},"wordCount":532,"commentCount":0,"publisher":{"@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1"},"keywords":["DevOps","DevopsSecurity","DevSecOps"],"articleSection":["SECURITY"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/","url":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/","name":"DevOps Should Completely Focus More On Security","isPartOf":{"@id":"https:\/\/www.trendstechblog.com\/#website"},"datePublished":"2020-06-15T10:47:31+00:00","dateModified":"2020-06-15T10:48:11+00:00","description":"In companies that use the DevOps methodology, it has changed the way applications are developed. However, adding security to this methodology.","breadcrumb":{"@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.trendstechblog.com\/devops-should-focus-more-on-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.trendstechblog.com\/"},{"@type":"ListItem","position":2,"name":"SECURITY","item":"https:\/\/www.trendstechblog.com\/category\/security\/"},{"@type":"ListItem","position":3,"name":"DevOps Should Focus More On Security"}]},{"@type":"WebSite","@id":"https:\/\/www.trendstechblog.com\/#website","url":"https:\/\/www.trendstechblog.com\/","name":"Trends Tech Blog","description":"Daily Tech Updates","publisher":{"@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.trendstechblog.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/323aae267386ddba7224403d86f419d1","name":"TrendsTechBlog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/image\/","url":"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/Trends-Tech-Blog-Logo.png","contentUrl":"https:\/\/www.trendstechblog.com\/wp-content\/uploads\/2020\/06\/Trends-Tech-Blog-Logo.png","width":280,"height":70,"caption":"TrendsTechBlog"},"logo":{"@id":"https:\/\/www.trendstechblog.com\/#\/schema\/person\/image\/"},"description":"TrendsTechBlog it's a Technologies Related that gives the Technology News, Business, Gadgest, Digital, Mobiles, Social Media, AI. Latest Trends and Up coming News."}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/posts\/1032"}],"collection":[{"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/comments?post=1032"}],"version-history":[{"count":2,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/posts\/1032\/revisions"}],"predecessor-version":[{"id":1035,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/posts\/1032\/revisions\/1035"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/media\/1033"}],"wp:attachment":[{"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/media?parent=1032"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/categories?post=1032"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.trendstechblog.com\/wp-json\/wp\/v2\/tags?post=1032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}