Coalfire’s Cloud Advisory Board presents best practices for DevSecOps | SC Media
DevOps

Coalfire’s Cloud Advisory Board presents best practices for DevSecOps

October 15, 2021
Visitors walk by a cloud sign at a technology trade fair on March 21, 2017, in Hanover, Germany. S3 buckets have become a security time bomb, said one expert. (Alexander Koerner/Getty Images)
  • Embed software techniques. Embed security into the software development life cycle from the start through several techniques, including threat modeling before writing code, using application security testing gates, and implementing secure coding standards.
  • Expand automation use cases. The report highlights more than 20 automation opportunities across the DevSecOps lifecycle, from real-time alerting when security and functional inspections fail to collecting governance artifacts and automating traceability.
  • Identify AppSec champions. Target and develop experts who can deliver support and scale DevSecOps efforts.
  • Build a security culture from the ground-up. Rely on the cultural triad: partnership, cooperation, and collaboration.
prestitial ad