{"id":429,"date":"2021-07-27T14:28:01","date_gmt":"2021-07-27T13:28:01","guid":{"rendered":"https:\/\/www.itminister.co.uk\/blog\/?p=429"},"modified":"2021-07-27T14:28:01","modified_gmt":"2021-07-27T13:28:01","slug":"putting-security-in-devsecops","status":"publish","type":"post","link":"https:\/\/www.itminister.co.uk\/blog\/putting-security-in-devsecops\/","title":{"rendered":"Putting Security in DevSecOps"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">DevOps combines the best practices within software development and IT operations:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Reduces the time it takes within the development life cycle to bring a product into production<\/li><li>Provides continuous delivery with high-quality software outcomes<\/li><li>Works well with Agile software development.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">DevSecOps takes this a step further by adding security best practices into the mix.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">DevSecOps: 8 Key Benefits<\/h2>\n\n\n\n<ol class=\"wp-block-list\"><li>Introduces software security testing earlier in the development process<\/li><li>Provides a vehicle to drive uniform application security baselines for developers<\/li><li>Grows the pool of knowledge and skills with a stake in security<\/li><li>Establishes a sense of shared responsibility across departments<\/li><li>Helps identify vulnerabilities at conceptual design phases vs post-production deployment<\/li><li>Improves alignment with compliance objectives<\/li><li>Increases proficiency through more thorough and frequent testing<\/li><li>Leads to actionable metrics (# of deployments, time to patch, % tested)<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">DevSecOps: 5 Best Practices to Follow<\/h2>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Don't just implement DevSecOps<\/strong> &#8211; Budget time and resources for proper training and enable your teams to succeed.<\/li><li><strong>Make it more than high 
level<\/strong> &#8211; If you're developing an application that queries a SQL database, start tests for SQL injection early and continue testing throughout development<\/li><li><strong>Improve and automate<\/strong> &#8211; As your DevSecOps state matures, increase proficiency by developing improvement metrics and automating processes<\/li><li><strong>Review all your code<\/strong> &#8211; Don't forget about third-party code contributors<\/li><li><strong>Implement Zero Trust<\/strong> &#8211; Don't automatically trust anything; always verify when applicable. <a href=\"https:\/\/event.on24.com\/wcc\/r\/3198803\/EE6E61F2A1DD2540C40BC5F5D58C2933?mode=login&amp;email=ricardonewman@hotmail.co.uk\" data-type=\"URL\" data-id=\"https:\/\/event.on24.com\/wcc\/r\/3198803\/EE6E61F2A1DD2540C40BC5F5D58C2933?mode=login&amp;email=ricardonewman@hotmail.co.uk\" target=\"_blank\" rel=\"noreferrer noopener\">Source<\/a><\/li><\/ol>\n\n\n\n<h5 class=\"wp-block-heading\">How Can ITM Help You?<\/h5>\n\n\n\n<p class=\"wp-block-paragraph\">iTM covers all aspects of Cyber Security including but not limited to Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations, Cloud security best practice &amp; architecture and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. <a rel=\"noreferrer noopener\" href=\"https:\/\/www.itminister.co.uk\/contact.html\" target=\"_blank\">Contact Us <\/a>for more information.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DevOps combines the best practices within software development and IT operations: Reduces the time it takes within the development life cycle to bring a product into production Provides continuous delivery with high-quality software outcomes Works well with Agile software development. 
DevSecOps takes this a step further by adding security best practices into the mix DevSecOps: &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.itminister.co.uk\/blog\/putting-security-in-devsecops\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Putting Security in DevSecOps&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","beyondwords_generate_audio":"","beyondwords_integration_method":"","beyondwords_project_id":"","beyondwords_content_id":"","beyondwords_preview_token":"","beyondwords_player_content":"","beyondwords_player_style":"","beyondwords_language_code":"","beyondwords_language_id":"","beyondwords_title_voice_id":"","beyondwords_body_voice_id":"","beyondwords_summary_voice_id":"","beyondwords_error_message":"","beyondwords_disabled":"","beyondwords_delete_content":"","beyondwords_podcast_id":"","beyondwords_hash":"","publish_post_to_speechkit":"","speechkit_hash":"","speechkit_generate_audio":"","speechkit_project_id":"","speechkit_podcast_id":"","speechkit_error_message":"","speechkit_disabled":"","speechkit_access_key":"","speechkit_error":"","speechkit_info":"","speechkit_response":"","speechkit_retries":"","speechkit_status":"","speechkit_updated_at":"","_speechkit_link":"","_speechkit_text":""},"categories":[27,18,23,26,28],"tags":[],"class_list":["post-429","post","type-post","status-publish","format-standard","hentry","category-architecture","category-cyber-security-best-practice","category-cyber-security-research","category-devops","category-devsecops"],"_links":{"self":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/429","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":
[{"embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=429"}],"version-history":[{"count":1,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/429\/revisions"}],"predecessor-version":[{"id":430,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/429\/revisions\/430"}],"wp:attachment":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}