PREDI C TI VE I NTEL L I GE NC E
In the early stages of a project at least, it
may be a good idea to prioritise visibility
and monitoring rather than enforcement and
blocking, so that security is not seen as a
drag on innovation.
performance measurement will help to
evaluate the progress of initiatives and
reward success. This must be backed
up by the right tools and technology,
of course. Process automation can
also help to reduce human error while
security that is adaptive, contextual and
software-based should be prioritised.
Once security functionality is exposed
as services via APIs it is easier to embed
www.intelligentciso.com
|
Issue 17
into DevOps workflows in an automated
manner. It can enable crucial capabilities
such as continuous scanning of
container images for bugs and malware
along with run-time protection.
In the early stages of a project at least, it
may be a good idea to prioritise visibility
and monitoring rather than enforcement
and blocking, so that security is not
seen as a drag on innovation. Security-
by-design will take some time to fully
embed throughout an organisation and
may benefit from allocating budget to
a new DevSecOps team. With DevOps,
integrated security is an essential
pre-requisite for success. After all,
brakes aren’t there to slow you down,
they’re there so that you can get to your
destination faster and safer. u
35