|
Contributors | Messages | Polls | Resources |
|
Report: DevOps Lacks SecurityWhile speed and agility are a few of the big drivers for service providers and enterprises embracing DevOps, there needs to be tighter integration between the security and DevOps teams, according to a report by HPE. HPE's "Application Security and DevOps" report, which included both quantitative and qualitative responses from IT operations professionals, security leaders and developers, found that 99% of all respondents agreed that adopting a DevOps culture has the opportunity to improve application security. But just 20% were doing application security testing during development while 17% weren't using any technologies to protect their applications. According to the report, those issues highlight a large disconnect "between the perception and reality of secure DevOps." "Our research shows that both security leaders and developers believe that the DevOps movement has the potential to significantly improve application security, but organizations are struggling to realize that potential so far," said Jason Schmitt, vice president and general manager of HPE Security Fortify at Hewlett Packard Enterprise , in a prepared statement. "By understanding the current state of DevOps and best practices for integrating security into the development culture, organizations can successfully secure software in this new DevOps world without impeding the speed and agility that it brings." The report focused on the key barriers and gaps that were preventing organizations from integrating security into DevOps, including a significant lack of cooperation between developers and security teams. According to the report, 90% of the security professionals responded that integrating application security had actually become more difficult after their organizations started employing DevOps. There was also a marked lack of security awareness and training for developers. Out of more than 100 job postings for software developers at Fortune 1000 companies, none specified security or secure coding experience and knowledge as part of the skill sets required, according to the report. In order to overcome these obstacles, the report said that the responsibility for security should be shared across entire organizations, and that organizations should integrate security tools more heavily into the development ecosystem. Related posts:
— Mike Robuck, Editor, Telco Transformation |
The winners from the holiday edition of Telco Transformation's caption contest are announced.
It's the final cartoon caption contest of the year for Telco Transformation.
Comcast and AT&T are among the first companies to pass out bonuses to employees after tax reform legislation passes.
Disney is upping its streaming video game with its deal with 21st Century Fox.
CenturyLink's survey also asked IT professionals about SD-WAN, Ethernet and MPLS.
On-the-Air Thursdays Digital Audio
ARCHIVED | December 7, 2017, 12pm EST
Orange has been one of the leading proponents of SDN and NFV. In this Telco Transformation radio show, Orange's John Isch provides some perspective on his company's NFV/SDN journey.
Special Huawei Video
Huawei Network Transformation Seminar The adoption of virtualization technology and cloud architectures by telecom network operators is now well underway but there is still a long way to go before the transition to an era of Network Functions Cloudification (NFC) is complete. |
|
|
||
Telco Transformation
About Us
Contact Us
Help
Register
Twitter
Facebook
RSS
Copyright © 2024 Light Reading, part of Informa Tech, a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use in partnership with
|