A prescription for integrating Continuous Security with DevOps
April 11th 2019 16:00 - 16:20
DevOps compliance is a top concern of IT leaders, but information security is seen as an inhibitor to DevOps agility. Security infrastructure has lagged in its ability to become "software-defined" and programmable, making it difficult to integrate security controls into DevOps-style workflows in an automated, transparent way. Modern applications are largely "assembled," not developed, and developers often download and use known vulnerable open-source components and frameworks.