For years, security has been an afterthought — functionality that developers and product managers often address at the last minute, right before a build is about to ship. For some individuals and teams, this practice stems from a reactive approach to security, in which vulnerabilities are expected to be dealt with only once they’re discovered after a release. For others, this stems from prioritizing additional features and functionality (and immediate ROI) over security (and minimizing risk). For most, however, the cause of this issue is more systematic in nature.
Businesses today expect speed from development teams. Too often, the questions that leaders and managers ask concern the time of the next deployment or how soon a bug can be fixed, rather than how well a problem is addressed. This mindset is innately oppositional to ensuring the security of an application. Security, like any other part of software development, is iterative; it takes rounds of testing and attention to detail from all stakeholders involved in order to eliminate vulnerabilities.
Advertise on IT Security News.
Read the complete article: Publication Release: DevSecOps Trend Report