Done right, pairing of DevOps and cybersecurity coordinates strengths of both

Cloud-based apps benefit from speed, agility, along with ability to mitigate, manage breach risk

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Cloud com­put­ing com­plete­ly over­hauled the enter­prise IT land­scape and sim­pli­fied the way we do busi­ness. For instance, cloud file stor­age allows us to access files any­where and not be depen­dent on spe­cif­ic devices. Cloud ana­lyt­ics con­sol­i­dates data from all sources, enabling busi­ness intel­li­gence at a larg­er scale.

The same envi­ron­ment that made cloud com­put­ing pos­si­ble is now play­ing a part in the DevOps move­ment, the merg­ing of devel­op­ment and oper­a­tions teams to get appli­ca­tions to mar­ket faster.

CA Tech­nolo­gies’ acqui­si­tion of appli­ca­tion secu­ri­ty provider Ver­a­code ear­li­er this month indi­cates the DevOps adop­tion wave will con­tin­ue to gain momen­tum. Much as we saw with cloud adop­tion trends—and vir­tu­al­iza­tion before that—when tra­di­tion­al play­ers start invest­ing in tool­ing for the new world, they’re doing so because their large tra­di­tion­al cus­tomers are begin­ning to move in that direction.

Secu­ri­ty vital from get-go

Today, that means push­ing secu­ri­ty ear­li­er in the devel­op­ment cycle, which increas­es the like­li­hood that a par­tic­u­lar appli­ca­tion will with­stand attack. Ver­a­code, for instance, assess­es and improves the secu­ri­ty of appli­ca­tion code, elim­i­nat­ing man­u­al and error-prone mistakes.

This isn’t the first acqui­si­tion CA has made as they move from the old world of secu­ri­ty, which involves man­u­al­ly cre­at­ing poli­cies in iso­lat­ed sys­tems, to the new world of secu­ri­ty, a more agile, auto­mat­ed and fast-mov­ing envi­ron­ment. In fact, just last year the com­pa­ny acquired BlazeMe­ter, a leader in open source-based con­tin­u­ous appli­ca­tion per­for­mance test­ing, to fur­ther improve test­ing effi­cien­cy and accel­er­ate the deploy­ment of appli­ca­tions. And in 2015, CA acquired IdM­log­ic, Ral­ly Soft­ware and Grid-Tools.

Old tools don’t do job

Rem­i­nis­cent of the ear­ly cloud com­put­ing days in which com­pa­nies like SAP, Ora­cle, Adobe and IBM had to acquire to build out their cloud capa­bil­i­ties or risk los­ing mar­ket share, DevOps adop­tion fur­ther proves the imprac­ti­cal­i­ty of rely­ing on human con­fig­u­ra­tion and human val­i­da­tion. The vol­ume of soft­ware appli­ca­tions being devel­oped today is enor­mous, and the process for devel­op­ing and deploy­ing those apps is only get­ting faster. Not only that, but devel­op­ers are tasked with updat­ing their appli­ca­tions dai­ly, some­times every few hours, and have real­ized that the tra­di­tion­al tools and meth­ods they once used have become inadequate.

While the most crit­i­cal threat to orga­ni­za­tions con­tin­ues to be the users, who want their appli­ca­tions and tools avail­able and acces­si­ble from any loca­tion, adding anoth­er lay­er of com­plex­i­ty for IT, the lack of tools that can work in DevOps envi­ron­ments is a seri­ous issue for many orga­ni­za­tions today. CA Tech­nolo­gies is off­set­ting this short­age with Ver­a­code, and we imag­ine we’ll only con­tin­ue to see more of these acqui­si­tions come to fruition over the next few years.

More sto­ries relat­ed to cloud security:
Busi­ness­es must remem­ber shared cloud secu­ri­ty requires shared responsibility
Cul­tur­al shift favor­ing coop­er­a­tion, not com­pe­ti­tion, improves cybersecurity
To get ahead of threat curve, boost secu­ri­ty dur­ing soft­ware development