Have you ever heard the saying ‘one apple a day keeps the doctor away’? It makes each one of us responsible for doing a small action that should improve our life.
If we took this to the DevOps world, the proverb would be embodied by DevSecOps. It adds security to the process and shifts security from reactive to proactive. It makes each team member responsible for the security of the development, the platform and the deployment; in short, of the entire product.
Eating an apple would be way too easy, and that’s not what we are here for. We are not here to be conformist; we are adaptable, and we are ready to take action based on these next terms:
* Teams: everyone is responsible. We must break down the barriers between us: no more traditional silos of expertise. Building and deploying with security is everyone's concern.
* Process: teamwork is encouraged, so that we never again hear: “that’s not my problem”.
* Technology: we need to fight against technical security debt, because that’s our ticket to being in the news.
To sum it all up, security sets the requirements and DevOps manages the frequency of scan occurrences according to the development practices. We will see how to assess the level of maturity of our organization, what metrics we should review and which are the warning signs before it is too late for an ‘apple a day’ or our company makes the front page.