With massive data and security breaches in the headlines these days, you would think it obvious to include security in every software development initiative, from consideration and planning to deployment. Surprisingly, this is often not the case. The term “Rugged DevOps” has been around for a while and has drawn attention to the need for greater security in the DevOps methodology.
CollabNet was featured in a recent SD Times application security Buyer’s Guide, Necessity is the Mother of the ‘Rugged DevOps’ Movement, as TeamForge enables enterprises to achieve DevSecOps, a collaborative process between Info Security, Development and Operations teams.
The author Alexandra Weber Morales asked me what small or incremental changes I’ve seen that lead to better application security. I responded that organizations have to include security all along the development process, from inception through deployment. Also, knowledge is still power, so security awareness training around common flaws in processes and methodologies is critical. Those changes will keep the team thinking about security all along the way so that vital requirements don’t slip through the cracks.
To support the methodology and security awareness, I cannot stress enough that you need the appropriate tools that cover and align to the development gates and reflect the security requirements. Good tools, methodology, and training combined accelerate quality development work that includes security as a consideration from the beginning.
We were invited to participate in this Buyer’s Guide because CollabNet can play a significant role in helping our customers improve their security best practices.
Please read the complete article here.