DevOps can make apps more secure

Security Lock

Pretty much all IT operations professionals (99 percent) agree: adopting a DevOps culture can improve application security. This is according to a new report by Hewlett Packard Enterprise.

The report, titled Application Security and DevOps Report 2016, also emphasizes that just a fifth (20 percent) of respondents test their application’s security during development, and 17 percent are using no technologies whatsoever to protect their apps. The conclusion of the report is simple: there is a significant disconnect between perception and reality of secure DevOps.

"Our research shows that both security leaders and developers believe that the DevOps movement has the potential to significantly improve application security, but organizations are struggling to realize that potential so far", says Jason Schmitt, vice president and general manager, HPE Security Fortify, Hewlett Packard Enterprise. "By understanding the current state of DevOps and best practices for integrating security into the development culture, organizations can successfully secure software in this new DevOps world without impeding the speed and agility that it brings".

HPE says implementing DevOps means more secure software development, but there are barriers in the way. The biggest issue is that developers and security teams often don’t work together -- some dev teams have even admitted to not knowing who the security folks in their organization are.

Also, there is a lack of awareness, emphasis and training for developers, and finally, there is a serious shortage of application security talent.

"Adopting a DevOps process can help make applications more secure, since the development and production environment are built the same way and to the same security standards and testing", says John Meakin, group information security officer, Burberry. "However, it requires a commitment across the organization to prioritize security, and incorporate more automated testing solutions that make it easier to gather real-time feedback and remediate vulnerabilities throughout the development process".

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.

Photo Credit: Alexander Supertramp/Shutterstock

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.