DevOps can make apps more secure

By Sead Fadilpašić
Published 8 years ago

Security Lock

Pretty much all IT operations professionals (99 percent) agree: adopting a DevOps culture can improve application security. This is according to a new report by Hewlett Packard Enterprise.

The report, titled Application Security and DevOps Report 2016, also emphasizes that just a fifth (20 percent) of respondents test their application’s security during development, and 17 percent are using no technologies whatsoever to protect their apps. The conclusion of the report is simple: there is a significant disconnect between perception and reality of secure DevOps.

"Our research shows that both security leaders and developers believe that the DevOps movement has the potential to significantly improve application security, but organizations are struggling to realize that potential so far", says Jason Schmitt, vice president and general manager, HPE Security Fortify, Hewlett Packard Enterprise. "By understanding the current state of DevOps and best practices for integrating security into the development culture, organizations can successfully secure software in this new DevOps world without impeding the speed and agility that it brings".

HPE says implementing DevOps means more secure software development, but there are barriers in the way. The biggest issue is that developers and security teams often don’t work together -- some dev teams have even admitted to not knowing who the security folks in their organization are.

Also, there is a lack of awareness, emphasis and training for developers, and finally, there is a serious shortage of application security talent.

"Adopting a DevOps process can help make applications more secure, since the development and production environment are built the same way and to the same security standards and testing", says John Meakin, group information security officer, Burberry. "However, it requires a commitment across the organization to prioritize security, and incorporate more automated testing solutions that make it easier to gather real-time feedback and remediate vulnerabilities throughout the development process".

Photo Credit: Alexander Supertramp/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

DevOps can make apps more secure

Recent Headlines

Beyond the snapshot: Why continuous risk assessment is essential in today's threat landscape

TUXEDO Stellaris 17 (Gen6): A high-performance portable Linux workstation

New solution helps companies prepare for 90-day TLS standard

Get 'Enterprise Transformation to AI and the Metaverse' (worth $59.99) for FREE

Best Windows apps this week

All you wanted to know about passkeys but were afraid to ask

Microsoft tells users 'if you want to fix 0x80070643 errors, you'll have to do it yourself'

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

EndeavourOS ARM discontinued: A huge loss for the Linux community

Microsoft is actively blocking Windows 11 tweaking tools