1) People a) Build relationships between teams, don’t isolate. b) Adopt security to DevOps flow – don’t expect others to adopt security. c) Empower dev/ops to deliver better, faster and secure, instead of blocking. d) Focus on solutions instead of blaming. e) Identify, nurture security conscious individuals. f) Fix by priority – don’t attempt to fix it all. 2) Process a) Involve security from the get-go (design or ideation phase). b) Identify, nurture security conscious individuals. c) Security controls must be programmable and automated wherever possible. d) DevSecOps feedback process must be smooth and governed. e) Keep an eye out for simpler and better options and be pragmatic to test and use new tools. f) Fix by priority – don’t attempt to fix it all. 3) Tools/Tech a) Templatize scripts/tools per language/platform b) Adopt security to DevOps flow – don’t expect others to adopt security. c) Keep an eye out for simpler and better options and be pragmatic to test and use new tools. d) Focus on solutions instead of blaming. e) Involve security from the get-go (design or ideation phase). f) Build relationships between teams, don’t isolate.

CTO - Matching Security Enablers?

สั่งพิมพ์
ฝัง

ลีดเดอร์บอร์ด

สไตล์ภาพ

ตัวเลือก

สลับแม่แบบ

คืนค่าการบันทึกอัตโนมัติ: ใช่ไหม