Posted in devops
Posts Tagged ‘process’
As more containers get deployed across the enterprise, securing them has become a much a higher priority. But while developers are getting better at securing applications, they still dont have much expertise when it comes to network security.
We started 2017 with predictions on what the year will bring for enterprise DevOps adoption, and as we approach the end of the year, we have seen more enterprises using DevOps-leading practices to both help keep up with innovative companies and be more agile, adaptable and scalable. For some organizations, DevOps represents a departure from traditional processes, roles and even responsibilities in favor of enabling more efficiency and speed for the business.
Striving to be an agile shop that is successful in devops isnt a new goal for most organizations. All teams want to deliver better apps faster.
Most discussions of containers focus on how they improve software delivery processes and complement other software tools. Equally important, however, are the benefits that containers offer to humans.
DevOps adoption is increasing by the minute, with more companies transforming their culture and technology to implement this model. The 2017 State of DevOps report speaks directly to their motivation: Organizations effectively utilizing DevOps principlesachieved 46x more frequent software deployments than their competitors, 96x faster recovery from failures, 440x faster lead time for changes and had higher levels of operational efficiency and overall customer satisfaction.
Lets look at traditional, linear application development process. It follows a sequential methodology, which means the bugs that are present in the current build will have to wait for the next build to be addressed.
For those responsible for container security within their organizations, clashing is now much more than just a fashion faux pas: The recently discovered Linux Stack Clash vulnerability (CVE-2010-2240) is a serious threat that attackers can exploit to gain root privileges within a container. Worse, if the exploit is applied in the hosts user space, it represents a critical danger in which an attacker could compromise running containers (or the Docker daemon itself).
Implementing a DevOps-first approach can drive competitiveness while creating a more secure environment As famous cryptographer Bruce Schneier once said, Security is a process, not a state or a product. It is a journey and not a destination.