{"id":2489,"date":"2019-08-09T12:03:48","date_gmt":"2019-08-09T09:03:48","guid":{"rendered":"http:\/\/gcp.ideus.com.tr\/index.php\/from-devops-vs-secops-to-devsecops\/"},"modified":"2019-08-09T12:03:48","modified_gmt":"2019-08-09T09:03:48","slug":"from-devops-vs-secops-to-devsecops","status":"publish","type":"post","link":"https:\/\/www.ideus.com.tr\/index.php\/from-devops-vs-secops-to-devsecops\/","title":{"rendered":"From \u2018DevOps vs. SecOps\u2019 to DevSecOps"},"content":{"rendered":"<div>\n<p><a href=\"https:\/\/www.dhigroupinc.com\/home-page\/default.aspx\"><span style=\"font-weight: 400;\">DHI Group<\/span><\/a><span style=\"font-weight: 400;\"> runs 100% in AWS. We provide a job recruiting platform for technical candidates and businesses in the United States as well as Europe and Asia-Pacific. AWS helps us deliver features to customers more quickly and reduce data center costs.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When I joined the company about two years ago, we were at the end of a three-year AWS migration plan. Our development teams were operating in a \u201cfree-for-all\u201d state, building anything they wanted, however they wanted, with little security oversight. The attitude was simple: \u201cSecurity is not my responsibility \u2013 that\u2019s for the security team!\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The security team tried to implement guardrails to keep DevOps in check using a configuration monitoring tool along with another point tool that handled flow log analysis and network alerting. So many alerts were generated that it was nearly impossible to use them to draw meaningful conclusions and prioritize remediation. 
Ultimately, security was overcome by \u201calert fatigue,\u201d and the point products caused more harm than good.<\/span><\/p>\n<p><b>A Better Way: Enter Prisma Cloud<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We sought a replacement that combined configuration analysis and network analysis \u2013 and more importantly, data correlation and context \u2013 to reduce the number of security alerts and allow the security team to prioritize threats that really matter. We chose Prisma Cloud after reviewing several products. It\u2019s easy to deploy, agentless and took just 5 to 10 minutes to set up and get running.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Here\u2019s why we picked Prisma Cloud:<\/span><\/p>\n<p><strong>Catalyst to Cultural Transformation<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">In the past, when something would break, it was difficult and time-consuming for DevOps to track down what went wrong. Prisma Cloud\u2019s AWS CloudTrail history allows DevOps to easily identify exactly what changed, when it changed and who changed it.<\/span><\/p>\n<p><strong>Changing Bad Habits<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">Most of our developers and engineers didn\u2019t know much about configuring AWS securely. Prisma Cloud enabled us to clearly communicate our standards across the organization through its guided, automated remediation capabilities. That allows developers to \u201clearn as they go\u201d without feeling they are doing extra work.<\/span><\/p>\n<p><strong>Instilling Community<\/strong><\/p>\n<p><span style=\"font-weight: 400;\">DHI\u2019s developers are spread across the globe. While the security team has good relationships with developers who work alongside us in our home office, we had very little contact with developers working remotely and in branch offices. This made it nearly impossible to enforce security standards. 
The culture shifted after we implemented Prisma Cloud. We now have security chat rooms where teams can share best practices and ask for help in real time.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Prisma Cloud has helped reduce the volume of required follow-up activity. There\u2019s a sense of accountability. Developers know that if they don\u2019t build securely in AWS, they will be required to go back and fix their mistakes. I can confidently say that security is no longer an afterthought. We\u2019ve been able to \u201cshift left\u201d and bake security into the development process.<\/span><\/p>\n<p><b>Outcomes<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We achieved security and business improvements after moving to Prisma Cloud. Here are three significant ones:<\/span><\/p>\n<ol>\n<li><b><span style=\"font-weight: 400;\">Winning Trust With Stakeholders<\/span><span style=\"font-weight: 400;\">:<\/span> <span style=\"font-weight: 400;\">When I talk to the board of directors, they want to know about breaches across our industry, exposed S3 buckets or other vulnerabilities that are reported. They ask me if we are protected against such issues and how we would know if we were affected. Prisma Cloud makes it easy for me to demonstrate that we have visibility into these resources and would know almost instantly in the event of an exposure.<\/span><\/b><\/li>\n<li>Maintaining Continuous Security Posture: In the past, our security posture was continually getting worse. As we built more in AWS, we were slowly digging ourselves into a bigger security hole. Now, we fix problems as they arise. It\u2019s a \u201cclean as we go\u201d mentality.<\/li>\n<li>Enabling Security Automation: When you start building infrastructure as code, you quickly see the security issues that arise. 
Your first question then becomes, \u201cHow do we automate the remediation of these?\u201d Implementing a tool like Prisma Cloud will be your first step in enabling an automated cloud security strategy.<\/li>\n<\/ol>\n<p><b>When Dev and Sec Teams Unite<\/b><\/p>\n<p><span style=\"font-weight: 400;\">I have watched our company culture transform over two years. The security team went from being siloed and excluded from engineering and architecture discussions to being a critical part of those discussions and, in some cases, leading them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">My belief is that there is pretty much always a way to build something securely, and I hesitate to ever say no to anything. Prisma Cloud provides the visibility and actionable intelligence required to protect your cloud data and your business.<\/span><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.paloaltonetworks.com\/2019\/08\/devops-vs-secops-devsecops\/\">From \u2018DevOps vs. SecOps\u2019 to DevSecOps<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.paloaltonetworks.com\/\">Palo Alto Networks Blog<\/a>.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>DHI Group runs 100% in AWS. 
We provide a job recruiting platform for technical candidates and businesses in the United States as well as Europe and Asia-Pacific. AWS helps us deliver features to customers more quickly and reduce data center costs. When I joined the company about two years ago, we were at the end<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":""},"categories":[24],"tags":[141,33,29,27,34],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/posts\/2489"}],"collection":[{"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/comments?post=2489"}],"version-history":[{"count":0,"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/posts\/2489\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/media?parent=2489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/categories?post=2489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ideus.com.tr\/index.php\/wp-json\/wp\/v2\/tags?post=2489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}