Cloud native, DevOps and SecOps can all Be in harmony if you will start with what outcomes do you want :-)
October 2, 2018
Cloud native, DevOps and SecOps can all Be in harmony if you will start with what outcomes do you want 🙂
Reduce threat surface with containers and rolling updates.
Verizon’s cyber report suggested Advanced persistent threat actors stayed active for up to 200 days before detection…
if you tear down and rebuild every 30 days, those actors will go elsewhere since your infrastructure will require constant re-penetration.
Living too far up the abstraction ladder gives quick results to market, but leaves many hidden challenges that typically can be avoided by ensuring your environment is purpose built with the minimum functionality required to perform.
Virtual Machines are dangerous since you typically bring a whole “General Purpose” computing operating system along and attempt to “secure” it. Containers can be safer since you can add only what you need and avoid “drag-along” functionality.