Devopsdays 2020: securing your devops transformation - April Edwards¶
(One of my summaries of a talk at the 2020 online devopsdays Amsterdam conference).
She quotes Gartner: “95% of cloud breaches occur due to human errors such as configuration mistakes”. Passwords in repositories, for instance.
A common problem is deadlines. It is easy to cut back a bit on security to meet a business deadline or objective…. Manual processes and culture also hinders security innovation. Interference from management. Fear of failure. Lack of learning.
Devops: people, process, products. Five main things to pay attention to:
Enable secure development. What tools do you use?
Secure your development devices and development environment.
Make sure your source code control is secure.
CI/CD tooling and all the other automatic checks you can do.
Good alerting and monitoring.
Reinout van Rees
My name is Reinout van Rees and I program in Python, I live in the Netherlands, I cycle recumbent bikes and I have a model railway.
- Weblog
- Preken (NL)
- Over mij (NL)
- About me (EN)
- Ligfiets (NL)
- Eifelburgenbahn (model railway)
- Videos
- PhD (EN)
Weblog feeds
Most of my website content is in my weblog. You can keep up to date by subscribing to the automatic feeds (for instance with Google reader):