The annual State of DevOps report is out for 2018 and the study offered up some very strong proof points for the tight relationship between mature DevOps practices and improved security operations.
All about Virtualization and Cloud Security | Recent Articles:
The importance of a strong enterprise cybersecurity culture to the overall effectiveness of an IT security department can't be understated. It's consistently named by executives as a crucial, if ephemeral, ingredient for cyber risk management success.
Make no mistake, DevOps trends are catching fire in the enterprise these days and for good reason. A new report out by DevOps Research & Assessment (DORA) shows that the highest performing DevOps organizations are crushing their software delivery metrics.
Security professionals, penetration testers and malware investigators are preparing to get energized. In just about a week the hacking community will converge on Las Vegas to drop their biggest discoveries of the year at the podiums of Black Hat USA. This annual confab always offers up a range of great new ideas for defenders, red teamers and security researchers—as well as a boatload of new tools. This year's show should be no different. The buzz is already growing for a number of previously unseen tools that will help security pros solve tough problems and break things in whole new ways. Here are a few highlights.
The rising tide of criminal schemes to steal compute cycles for mining cryptocurrency has reached a high-water mark. This month researchers report that cryptojacking malware and attacks have overtaken ransomware as the number one malware threat online today.
Automation is enterprise cybersecurity's biggest buzzword as organizations seek to keep pace with a threat landscape that grows more frenetic by the hour. But as automation spending skyrockets, many enterprises are finding that they're not getting the most out of their investment.
Electric car manufacturer Tesla is facing a nightmare insider attack scenario for which too many companies today fail to prepare. Tesla CEO Elon Musk admitted this week that an employee managed to intentionally wreak havoc with the software code that underpins the company's manufacturing system. The fallout has resulted in "quite extensive and damaging sabotage to our operations," according to Musk in a company-wide email that was leaked to CNBC two days ago.
Last week the team behind Git, a platform that powers millions of the world's developer code repositories--including those on the wildly popular GitHub hosted service--released a crucial security update meant to keep developer environments safe. The patch was made to fix a flaw in how Git handles submodule repository configuration during cloning. It's a dangerous hole that could give attackers the power to create malicious Git repositories and leverage them to run arbitrary code execution on target developer machines.
After years of hype, 2018 may finally see the start of the mainstream adoption of software-defined networking (SDN). And with it, network virtualization and software defined data centers (SDDC) could be on the cusp of big breakthroughs. So say the results of the new research from Enterprise Management Associates (EMA).
We're at less than a month before the EU General Data Protection Regulation (GDPR) regulations go live and global readiness still lags considerably. Companies around the world are in varying states of compliance, with a fair number of organizations out there that still haven't even stepped up to the start line of their GDPR compliance journey.
Last week's DevOps Connect event at RSA Conference brought together some of the leading minds in the DevOps and AppSec communities to discuss DevSecOps. Given the audience, a lot of the discussions focused on awareness themes for security folks still wrapping their heads around the idea of embedding their people into cross-functional DevOps teams. But each year these DevOps confabs at RSAC, the security audience grows savvier in continuous delivery principles, and the programming is trending more toward the real nuts and bolts of instituting DevSecOps.
Building an effective cybersecurity team is no mean feat. Hiring managers struggle to find experienced talent today and according to the most recent figures from ISACA, one in three organizations say it takes six months or longer to fill any given security position.