A SANS Survey: Rethinking the Sec in DevSecOps: Security as Code
A SANS Survey by Jim Bird and Eric Johnson
The future of security is Security as Code. What does this mean to security professionals: to their priorities; to their training; to the investments that they make in technology and tooling?
This survey, the eighth in an annual series that focuses on application security and DevOps, examines DevSecOps in the cloud to understand:
- What do security teams need to understand about software development in order to meet the demand of high-velocity delivery?
- What are the necessary skills for architecting secure cloud services – and ensuring that vulnerabilities are caught and fixed as early as possible?
- What is the impact of different cloud architectures and platforms on this effort, including risks, strengths and weaknesses?