Transitioning from DevOps to DevSecOps

by Jeremy

Making the transition from DevOps to DevSecOps can seem daunting; however, breaking the process down into simplified steps can help make it more manageable. Perforce, a company that works to solve DevOps challenges, recently participated in an SD Times Live! webinar discussing the best practices for making this shift.

padlock 428549 640

The panel was hosted by Mitch Ashley and consisted of Steve Howard, SCA specialist and technical services lead at Perforce; Jill Britton, director of compliance at Perforce; and Stuart Foster, product manager at Klockwork and Helix QAC at Perforce. 

They mentioned the importance of creating a culture of security when making the transition to DevSecOps. “We’ve gotta start by making sure people feel comfortable in sharing information,” Howard began. “We want a collaborative community around the team that is sharing the information because you never know who’s going to spot the thing that matters.” Creating this culture of caring about security can help empower a development team to see all aspects of a project, including security, while still in the development process, preventing unnecessary difficulty down the line. 

Another aspect of creating this security culture has to do with the training given to developers entrusted with implementing security features. When development teams understand what threats and vulnerabilities they are looking for, it becomes easier to spot them earlier in the process. From that training, a DevSecOps process can be put into place to serve the organization’s needs best and work alongside tools and standards to provide the best security possible.

Related Posts

Leave a Comment