Done right, pairing of DevOps and cybersecurity coordinates strengths of both
Cloud-based apps benefit from speed, agility, along with ability to mitigate, manage breach risk
By John Morello, Special to ThirdCertainty
Cloud computing completely overhauled the enterprise IT landscape and simplified the way we do business. For instance, cloud file storage allows us to access files anywhere and not be dependent on specific devices. Cloud analytics consolidates data from all sources, enabling business intelligence at a larger scale.
The same environment that made cloud computing possible is now playing a part in the DevOps movement, the merging of development and operations teams to get applications to market faster.
CA Technologies’ acquisition of application security provider Veracode earlier this month indicates the DevOps adoption wave will continue to gain momentum. Much as we saw with cloud adoption trends—and virtualization before that—when traditional players start investing in tooling for the new world, they’re doing so because their large traditional customers are beginning to move in that direction.
Security vital from get-go
Today, that means pushing security earlier in the development cycle, which increases the likelihood that a particular application will withstand attack. Veracode, for instance, assesses and improves the security of application code, eliminating manual and error-prone mistakes.
This isn’t the first acquisition CA has made as they move from the old world of security, which involves manually creating policies in isolated systems, to the new world of security, a more agile, automated and fast-moving environment. In fact, just last year the company acquired BlazeMeter, a leader in open source-based continuous application performance testing, to further improve testing efficiency and accelerate the deployment of applications. And in 2015, CA acquired IdMlogic, Rally Software and Grid-Tools.
Old tools don’t do job
Reminiscent of the early cloud computing days in which companies like SAP, Oracle, Adobe and IBM had to acquire to build out their cloud capabilities or risk losing market share, DevOps adoption further proves the impracticality of relying on human configuration and human validation. The volume of software applications being developed today is enormous, and the process for developing and deploying those apps is only getting faster. Not only that, but developers are tasked with updating their applications daily, sometimes every few hours, and have realized that the traditional tools and methods they once used have become inadequate.
While the most critical threat to organizations continues to be the users, who want their applications and tools available and accessible from any location, adding another layer of complexity for IT, the lack of tools that can work in DevOps environments is a serious issue for many organizations today. CA Technologies is offsetting this shortage with Veracode, and we imagine we’ll only continue to see more of these acquisitions come to fruition over the next few years.
More stories related to cloud security:
Businesses must remember shared cloud security requires shared responsibility
Cultural shift favoring cooperation, not competition, improves cybersecurity
To get ahead of threat curve, boost security during software development