• Latest
  • Trending
Developers and Security – Using Data to Consolidate and Collaborate

Developers and Security – Using Data to Consolidate and Collaborate

November 25, 2021
Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022
WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

May 20, 2022
Huawei and SolarEdge Sign a Global Patent License Agreement

Huawei and SolarEdge Sign a Global Patent License Agreement

May 20, 2022
Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

May 20, 2022
Ghana Smart Africa Digital Academy launches its national digital academy

Ghana Smart Africa Digital Academy launches its national digital academy

May 20, 2022
Ghana’s Rural Telecom Facilities to be Upgraded to 4G

Ghana’s Rural Telecom Facilities to be Upgraded to 4G

May 20, 2022
Silicon Power Announces UD90 PCIe 4.0 SSD

Silicon Power Announces UD90 PCIe 4.0 SSD

May 20, 2022
ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

May 20, 2022
Samsung Sampling 512GB CXL Memory Module

Samsung Sampling 512GB CXL Memory Module

May 20, 2022
IBM Elastic Storage System 3500

IBM Elastic Storage System 3500

May 20, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 23 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Developers and Security – Using Data to Consolidate and Collaborate

by ITECHNEWS
November 25, 2021
in Opinion
0 0
0
Developers and Security – Using Data to Consolidate and Collaborate

Software makes the world go round today. A decade since Marc Andreesen famously stated that ‘software is eating the world,’ the demand for code to deliver services and automate processes is only increasing. The advent of the COVID-19 pandemic forced companies that had not ‘gone digital’ to invest, while those that already ran online doubled down.

As part of this, approaches like agile development and DevOps helped. From focusing on shorter timeframes and smaller amounts of development to keep up with business demands, through to developers taking on responsibility for IT operations and running what they build, the software development team has increased the amount of the development process that it owns. In effect: “You build it, you support it.”

YOU MAY ALSO LIKE

How to Think about Threat Detection in the Cloud

The Current Status and the Future of the .Net Framework

However, security is often an afterthought in this process. In a rush to get more done, security can fall down the list of priorities. Despite the availability of best practice guides for secure software development from the National Cyber Security Centre and OWASP, getting security considered during the development pipeline can be difficult. To solve this problem involves looking at data, responsibility and changes to processes.

The first area for change is data. Today, software developers are involved in projects that rely on data to solve customer problems, yet how many of them use this information in their own workflows? There has been a massive increase in observability projects, where developers use application logs, metrics and tracing data to understand performance, but this data can be used for security as well. Done in the right way, this can actually help consolidate tools and data captured, so the organization does not have to pay twice for each team to capture data and analyze it.

This approach to data can go further, too. Just like software developers create systems that build on and use data to improve customer experience, they can take information from their own software pipelines to improve their processes around both development and security. As software projects move from coding to test, deployment and production, they generate data that can be captured and used over time. The problem previously was that processes did not put that data to work.

“Alongside the data, IT teams at organizations have to look at how they think about security from beginning to end”

For some teams, this is the problem of the cobbler’s shoes, in that they spend so much time working on other teams’ requirements around data that they don’t have time to prioritize their own needs. The other problem is that there are so many different pipelines to track – software development teams can have a lot of freedom to choose the tools, services and cloud platforms they use, so there is less standardization in place for what is deployed over time. It is therefore essential to get all that data into one place, so it can provide insight into what is going on across all the pipelines that are running concurrently.

Alongside the data, IT teams at organizations have to look at how they think about security from beginning to end. Security has to shift left and take place earlier in the process, but this requires the right mindset across all the teams involved. For example, are you incentivizing security in your process from the start, and how do you measure this? The right metric can be enormously effective in promoting good quality secure code at the beginning, while the wrong metric can lead to more problems over time. As anthropologist Marilyn Strathern observed, “When a measure becomes a target, it ceases to be a good measure.”

Instead, security and development teams can collaborate on improving the process, from thinking about security as part of process design and code development to preventing issues like misconfiguration in deployment. This includes allowing more time for code review, using code analysis tools, and mandating that rules on secure coding are followed. For example, this could be by tracking code developed over time and – rather than measuring by lines of code generated – looking at numbers of security issues prevented and solved.

Developers and security teams already use data to meet their goals. However, looking at this in context can help every team improve their results, consolidate their tooling and collaborate more effectively. By looking at security, development and DevOps as a whole, then setting up the right goals and metrics, teams can incentivize the right kinds of behavior rather than concentrating on specific targets. In effect: “You build it securely; you all support it effectively.”

Colin Fernandes EMEA Product Director, Sumo Logic

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022

Recent News

  • Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1 May 20, 2022
  • HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs May 20, 2022
  • Android 13 beta will test out-of-the-box support for most braille displays May 20, 2022
  • WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses May 20, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version