The real value of continuous security scanning for cloud-based workloads
These days cloud application developers are also security engineers. Who did not see this coming, given that application-level security is no longer an option? Also, we are pushing developers to build applications at scale, meaning they are becoming ops engineers and database engineers as well as security engineers, which is scary.The fact that most developers are not security experts is not lost on me. This has led to devsecops practices where developers are given training, tools, and processes to build and deploy more secure cloud-based applications. Of course, anyone who has attempted to implement that kind of cultural change has found that it can’t be done in weeks. It takes months and sometimes years.To read this article in full, please click here
These days cloud application developers are also security engineers. Who did not see this coming, given that application-level security is no longer an option? Also, we are pushing developers to build applications at scale, meaning they are becoming ops engineers and database engineers as well as security engineers, which is scary.
The fact that most developers are not security experts is not lost on me. This has led to devsecops practices where developers are given training, tools, and processes to build and deploy more secure cloud-based applications. Of course, anyone who has attempted to implement that kind of cultural change has found that it can’t be done in weeks. It takes months and sometimes years.