DevSecOps paradigm shift

Saurabh Kumar
3 min read · Feb 14, 2021

What is Paradigm Shift

A paradigm shift is an important change that happens when the usual way of thinking about or doing something is replaced by a new and different way.

What is DevSecOps

DevSecOps (Development + Security + Operations) means thinking about security from the very beginning of development. We can find multiple articles on DevSecOps and its best practices, and each of them talks about the usual way.

Let’s discuss the usual way of doing DevSecOps in a bit of detail, and then we will elaborate on why and how we should do it differently.

I hope you are familiar with the above picture, which shows that security has to be considered in each phase of DevOps, i.e. plan, code, build, test, release, deploy, operate and monitor. Let’s look at the usual way and at how we can do it differently to get a better and more automated approach:

In many organizations there are shift-left tools or portals that evaluate the security architecture and the third-party modules in use, but what they lack is integration with planning tools like JIRA.

The better way is already being applied in many organizations, and they call it shifting left; however, it tends to focus more on coding best practices than on security features. We should focus on security in code review as well.

The build phase is very critical in DevSecOps: once the artifacts are ready and security has been taken seriously, more than half the battle is won.

Believe me, applying application security vulnerability patches can be fully automated in the test phase, and the effort it takes is totally worth it.
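To make the build and test phases concrete, here is an added example of a security gate that a pipeline could run on a dependency scan report: it blocks promotion on findings at or above a severity threshold, honours documented risk acceptances only until they expire, and turns every finding with a published fix into a proposed version bump that an automated patch job can apply. This is not code from the original post; the report format, severity scale, policy fields and the scan data are all constructed for the demo and do not belong to any particular scanner.

```python
"""Build/test-phase security gate for a dependency scan report.

Added example, not code from the original post. The report format, the
severity scale and the policy fields are hypothetical and do not belong to
any particular scanner.
"""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional

# Severity ranking used by the policy (hypothetical scale).
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


@dataclass
class Finding:
    vuln_id: str             # scanner's identifier for the vulnerability
    package: str
    installed: str
    fixed_in: Optional[str]  # None when no fixed version has been published
    severity: str


@dataclass
class Policy:
    fail_at: str = "HIGH"    # block promotion at this severity or above
    # vuln_id -> date until which the risk is accepted (documented exceptions)
    accepted: Dict[str, date] = field(default_factory=dict)


@dataclass
class GateResult:
    passed: bool
    blocking: List[Finding]          # findings that stop the pipeline
    upgrades: Dict[str, str]         # package -> version to bump to
    expired_acceptances: List[str]   # accepted risks whose expiry has passed


def version_key(v: str):
    """Numeric comparison key for dotted versions like '2.25.1' (simple, for the demo)."""
    return tuple(int(p) if p.isdigit() else 0 for p in v.split("."))


def evaluate(findings: List[Finding], policy: Policy, today: date) -> GateResult:
    blocking, expired, upgrades = [], [], {}
    threshold = SEVERITY_RANK[policy.fail_at.upper()]
    for f in findings:
        # Every finding with a published fix becomes a proposed bump, whatever
        # its severity: this is the part that can be fully automated.
        if f.fixed_in:
            current = upgrades.get(f.package)
            if current is None or version_key(f.fixed_in) > version_key(current):
                upgrades[f.package] = f.fixed_in
        if SEVERITY_RANK.get(f.severity.upper(), 0) < threshold:
            continue
        expiry = policy.accepted.get(f.vuln_id)
        if expiry is not None and today <= expiry:
            continue  # documented, still-valid risk acceptance
        if expiry is not None:
            expired.append(f.vuln_id)  # acceptance lapsed: the gate must fail again
        blocking.append(f)
    return GateResult(not blocking, blocking, upgrades, expired)


def pinned_requirements(result: GateResult) -> List[str]:
    """Render the proposed upgrades as requirements lines for an automated patch PR."""
    return [f"{pkg}=={ver}" for pkg, ver in sorted(result.upgrades.items())]


# Constructed scan report and policy for the demo (not real vulnerability data).
CONSTRUCTED_REPORT = [
    Finding("V-0001", "requests", "2.25.0", "2.25.1", "HIGH"),
    Finding("V-0002", "urllib3", "1.26.0", "1.26.4", "CRITICAL"),
    Finding("V-0003", "pyyaml", "5.3", "5.4", "MEDIUM"),
    Finding("V-0004", "jinja2", "2.11.0", None, "HIGH"),
    Finding("V-0005", "requests", "2.25.0", "2.25.2", "LOW"),
]
CONSTRUCTED_POLICY = Policy(
    fail_at="HIGH",
    accepted={"V-0002": date(2021, 3, 31),   # still valid on the demo date
              "V-0004": date(2021, 1, 31)},  # lapsed on the demo date
)


def run_gate(today: date = date(2021, 2, 14)) -> GateResult:
    return evaluate(CONSTRUCTED_REPORT, CONSTRUCTED_POLICY, today)


if __name__ == "__main__":
    res = run_gate()
    print("gate passed:", res.passed)
    for f in res.blocking:
        print("BLOCK", f.vuln_id, f.package, f.installed, f.severity)
    print("expired acceptances:", res.expired_acceptances)
    print("proposed bumps:", pinned_requirements(res))
```

Two design points matter more than the parsing: risk acceptances carry an expiry so that a one-off exception cannot silently become permanent (the lapsed acceptance for V-0004 makes the gate fail again), and the proposed bumps are computed for every finding with a fix, not only the blocking ones, so the automated patch job raises the whole dependency set while the gate decision stays strict.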

Containers are a bit trickier to patch, but tools like Snyk can help; servers, however, should be patched automatically whether they run in a public or hybrid cloud or on-prem.

Self-healing of security vulnerabilities can be implemented on the basis of the events being monitored.
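The following added example sketches what an event-driven self-healing loop for the operate and monitor phases can look like: monitoring events are mapped to remediation actions through a playbook, and the dispatcher applies the guardrails a practitioner would want before letting automation touch production, namely idempotency (the same finding on the same host is not remediated twice within a window), a per-host rate limit that hands off to a human when something keeps firing, and an audit record of every decision. This is not code from the original post; the event schema, the playbook, the action names and the event stream are all hypothetical and constructed for the demo.

```python
"""Event-driven self-healing with guardrails.

Added example, not code from the original post. The event schema, the
playbook and the remediation action names are hypothetical.
"""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Hypothetical playbook: monitored event type -> remediation action.
PLAYBOOK: Dict[str, str] = {
    "vulnerable_package_detected": "schedule_patch",
    "container_image_outdated": "redeploy_with_patched_image",
    "tls_cert_expiring": "renew_certificate",
}


class Remediator:
    def __init__(self, max_per_host: int = 2, window: timedelta = timedelta(hours=1)):
        self.max_per_host = max_per_host
        self.window = window
        self._actions = defaultdict(deque)  # host -> timestamps of actions taken
        self._last_done = {}                # (host, event type) -> time of last remediation
        self.audit: List[dict] = []         # every decision, for later review

    def handle(self, event: dict) -> dict:
        host, kind = event["host"], event["type"]
        ts = datetime.fromisoformat(event["time"])
        action = PLAYBOOK.get(kind)
        if action is None:
            return self._record(event, None, "skipped", "no playbook entry; route to on-call")
        # Idempotency: the same finding on the same host was already handled recently.
        last = self._last_done.get((host, kind))
        if last is not None and ts - last <= self.window:
            return self._record(event, action, "skipped", "already remediated within window")
        # Rate limit: drop old timestamps, then refuse if the host is churning.
        recent = self._actions[host]
        while recent and ts - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.max_per_host:
            return self._record(event, action, "skipped", "per-host rate limit hit; escalate to a human")
        self._execute(action, event)
        recent.append(ts)
        self._last_done[(host, kind)] = ts
        return self._record(event, action, "executed", "remediation dispatched")

    def _execute(self, action: str, event: dict) -> None:
        # Placeholder: a real loop would call the patching or deployment system here.
        pass

    def _record(self, event: dict, action: Optional[str], outcome: str, reason: str) -> dict:
        entry = {"host": event["host"], "type": event["type"], "action": action,
                 "outcome": outcome, "reason": reason}
        self.audit.append(entry)
        return entry


# Constructed monitoring events (JSON lines) for the demo; not real data.
CONSTRUCTED_EVENTS = """
{"time": "2021-02-14T10:00:00", "host": "web-1", "type": "vulnerable_package_detected"}
{"time": "2021-02-14T10:05:00", "host": "web-1", "type": "container_image_outdated"}
{"time": "2021-02-14T10:10:00", "host": "web-1", "type": "tls_cert_expiring"}
{"time": "2021-02-14T10:20:00", "host": "web-2", "type": "unknown_event"}
{"time": "2021-02-14T10:30:00", "host": "web-1", "type": "vulnerable_package_detected"}
{"time": "2021-02-14T11:30:00", "host": "web-1", "type": "tls_cert_expiring"}
"""


def run_demo() -> List[dict]:
    r = Remediator()
    for line in CONSTRUCTED_EVENTS.strip().splitlines():
        r.handle(json.loads(line))
    return r.audit


if __name__ == "__main__":
    for entry in run_demo():
        print(entry["host"], entry["type"], entry["outcome"], "-", entry["reason"])
```

The ordering of the checks is deliberate: an unknown event type never reaches automation, a repeat of a finding already handled is dropped before it consumes rate-limit budget, and the rate limit is the last line of defence against a remediation that keeps re-triggering its own alert. In the constructed stream, the third event on web-1 within the hour is refused and escalated, the repeat at 10:30 is recognised as already remediated, and the certificate renewal at 11:30 goes through once the window has moved on.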

There are so many ways in which we can think about and apply security features differently in the DevOps cycle and create robust, secure apps.

Please provide suggestions and feedback on this post; together we can achieve better security in a more automated way.


Saurabh Kumar

DevOps enthusiast, mentor, love to travel, always in learning mode.