7 Steps to Transforming Yourself into a DevSecOps Rockstar

Security practitioners at one education software firm offer lessons learned from merging DevOps with security.
Aim For Improvement, Not Perfection
Eliminate Points of Friction
Walk in Developer Shoes
Articulate Requirements Clearly
Enforce Policy As Code
Expand Your Tooling Horizons
Ditch the Chicken Little Routine

The union between DevOps and information security stands to help organizations not only deliver software more quickly, but also finally achieve something that application security professionals have been chasing for years now: securing code much earlier in the software development lifecycle. According to recent numbers, high-performing IT teams that engage in DevSecOps work patterns need to spend 50% less time remediating security issues because they're fixing problems throughout the entire lifecycle.

But achieving those kinds of gains requires that security professionals make big changes in attitudes, work habits, and communication methods, say two professionals from higher ed software developer Ellucian, who have helped the firm transform its development practices. Dark Reading recently caught up with Michele Chubirka, security architect, and Troy Marshall, DevSecOps and cloud reliability leader, to discuss what it takes to get into the DevSecOps groove.

[Learn more about DevSecOps during Interop ITX, May 15-19, at the MGM Grand in Las Vegas. To check out the other Interop security sessions, or to register, click on the live links.]

Next slide
Recommended Reading: