1、Dev.Sec.Ops.Protecting the Modern Software FactoryOver the last 30 years,DevOps supplanted Agile,which itself had come to revolutionize Waterfall development.Loosely coupled microservices are now considered state-of-the-art to implement service-oriented architectures.Development timeframes have been

2、 compressed,deployments are done on a weekly or daily basis,and the cloud now supports a highly dynamic supply of computing capacity,infrastructure,storage,and network.The DevOps philosophy has often been summarized by the slogan“move fast and break things”,which means that because its so easy to de

3、ploy source code to production,you should be using this leverage to innovate faster,and fearlessly.But there is a catch.DevOps organizations still need to satisfy security and compliance criteria,because cybersecuritys fundamental mission remains the same:make sure things work as they should,and onl

4、y as they should.The high flexibility and openness of modern software supply chains force us to rethink them.Thats the core value proposition of DevSecOps:imagine new security solutions to better protect the modern software factory.However,the road is not without challenges.A partnership is needed b

5、etween development,security,and operational teams to make security a frictionless process.Supply chains and pipelines are becoming the preferred targets for attackers,and have to be protected in a holistic manner.The application security shared responsibility model is a stepping stone on this road.I

6、t enables a platform to integrate automated security solutions,start small,build up capabilities,install feedback loops,and strive for continuous improvement.Security:a next step for DevOpsUnderstanding the modern software factory weak spotsSecurity must preserve developers productivityThe core valu