June 16, 2018

Signal Sciences devops-sec roadmap

Signal Siences published The devops roadmap for security in 2016. I just read it and found it quite easy and interesting. Obviously, it's about integrating security in a devops organization.


Most things they touch on can also be found elsewhere, but:
  • page 14 makes clear why a good engineering culture is important in general and in particular for security (hint: because there's not enough security engineers and you need others to do some of the work)
  • pages 15-16 are must read; they outline Lean Security and what we must do right to not be rejected by the delivery organization

No comments:

Post a Comment