Software Security Activities that Support Incident Management in Secure DevOps
MetadataShow full item record
Original versionARES 2018. Proceedings of the 13th International Conference on Availability, Reliability and Security, Hamburg, Germany — August 27 - 30, 2018, pp6
Many software services are currently created using DevOps, where developers and operations personnel are more tightly integrated. The DevOps paradigm enables shorter development cycles, but increased speed has raised concerns over whether security issues may be overlooked. However, perfect security is never achievable, and in addition to the proactive software security efforts, we also need a reactive effort to handle flaws and bugs that are not discovered before they are used in an attack. In this paper we explore how focus on incident management and collaboration with developers can contribute to improved software security.