Please enable JavaScript to view the comments powered by Disqus. GitLab Presses Case for DevSecOps Collaboration

 

 

 

GitLab Presses Case for DevSecOps Collaboration

NovelVista

NovelVista

Last updated 23/07/2021


GitLab Presses Case for DevSecOps Collaboration

Cindy Blake, the senior security evangelist for GitLab, said the organization is focused on sharing a guide created in a joint effort with DevOps groups that allows associations to see what cybersecurity issues will be tended to when. 

Instead of simply sharing DevSecOps showcasing security, Blake said the objective is to urge engineers to partake in a criticism circle that will help organize what issues should be tended to over a mutual DevSecOps plan. 

The greater part of that exertion up to this point has concentrated on making instruments for checking for weaknesses a characteristic expansion of a DevOps work process by implanting them into GitLab Core. Most as of late, GitLab obtained Peach Tech, a supplier of convention fluff testing and dynamic application security testing (DAST) API testing tools, and Fuzzit, a constant fuzz testing tool. The organization likewise moved to make its CI/CD stage accessible as a lot of solidified Docker compartment pictures. 

The following need is to empower associations to build DevSecOps work processes crossing DevOps and cybersecurity groups, said Blake, taking note of it will be simpler to develop work processes at scale utilizing a CI/CD stage that firmly coordinates all the tools required. 

In time, GitLab plans to stretch out those endeavors to incorporate AI calculations that will be prepared to distinguish and remediate cybersecurity issues, she included.

As an establishing individual from the Open Source Security Foundation, GitLab is likewise dedicated to working with the remainder of the open source network to more readily secure software, Blake said. 

There's normally much more spotlight these days on application security. An ongoing Global DevSecOps Survey led by GitLab discovers designers are practicing more authority over security—over 25% of developers announced inclination exclusively liable for security, contrasted with 33% of security officials who state they own security. An aggregate of 29% of respondents said they accept everybody ought to be liable for security. 

Be that as it may, cybercriminals are likewise putting forth a coordinated attempt to bargain programming gracefully chains by embeddings malware into DevOps work processes developed on CI/CD stages. The test with making sure about open source stages, obviously, is the code utilized to fabricate these stages is available to anybody including, obviously, cybercriminals. 

It's too soon to state how much cybersecurity concerns are impacting the determination of CI/CD stages. Notwithstanding, as cybersecurity experts become more engaged with application improvement, it won't be long until issues including the security of the stages used to fabricate applications become a higher concern. 

Meanwhile, the line is obscuring between application development and cybersecurity. The test for every association will decide exactly how far left they need to move obligation regarding cybersecurity to the people who manufacture their applications versus a cybersecurity group that has a less personal stake in quickening the rate at which code is advanced into a creation situation.

Topic Related Post

ITSM Vacancies in 2021
The First Quantum Computing Applications Lab in India is being Built
AWS Sees a 54% Revenue Jump In India (Post Pandemic)

About Author

NovelVista Learning Solutions is a professionally managed training organization with specialization in certification courses. The core management team consists of highly qualified professionals with vast industry experience. NovelVista is an Accredited Training Organization (ATO) to conduct all levels of ITIL Courses. We also conduct training on DevOps, AWS Solution Architect associate, Prince2, MSP, CSM, Cloud Computing, Apache Hadoop, Six Sigma, ISO 20000/27000 & Agile Methodologies.

 
 

SUBMIT ENQUIRY

* Your personal details are for internal use only and will remain confidential.

 
 
 
 
 
 

Upcoming Events

ITIL-Logo-BL
ITIL

Every Weekend

AWS-Logo-BL
AWS

Every Weekend

Dev-Ops-Logo-BL
DevOps

Every Weekend

Prince2-Logo-BL
PRINCE2

Every Weekend

Topic Related

Take Simple Quiz and Get Discount Upto 50%

Popular Certifications

AWS Solution Architect Associates
SIAM Professional Training & Certification
ITIL® 4 Foundation Certification
DevOps Foundation By DOI
Certified DevOps Developer
PRINCE2® Foundation & Practitioner
ITIL® 4 Managing Professional Course
Certified DevOps Engineer
DevOps Practitioner + Agile Scrum Master
ISO Lead Auditor Combo Certification
Microsoft Azure Administrator AZ-104
Digital Transformation Officer
Certified Full Stack Data Scientist
Microsoft Azure DevOps Engineer
OCM Foundation
SRE Practitioner
Professional Scrum Product Owner II (PSPO II) Certification
Certified Associate in Project Management (CAPM)
Practitioner Certified In Business Analysis
Certified Blockchain Professional Program
Certified Cyber Security Foundation
Post Graduate Program in Project Management
Certified Data Science Professional
Certified PMO Professional
AWS Certified Cloud Practitioner (CLF-C01)
Certified Scrum Product Owners
Professional Scrum Product Owner-II
Professional Scrum Product Owner (PSPO) Training-I
GSDC Agile Scrum Master
ITIL® 4 Certification Scheme
Agile Project Management
FinOps Certified Practitioner certification
ITSM Foundation: ISO/IEC 20000:2011
Certified Design Thinking Professional
Certified Data Science Professional Certification
Generative AI Certification
Generative AI in Software Development
Generative AI in Business
Generative AI in Cybersecurity
Generative AI for HR and L&D
Generative AI in Finance and Banking
Generative AI in Marketing
Generative AI in Retail
Generative AI in Risk & Compliance
ISO 27001 Certification & Training in the Philippines
Generative AI in Project Management
Prompt Engineering Certification
SRE Certification Course
Devsecops Practitioner Certification
AIOPS Foundation Certification
ISO 9001:2015 Lead Auditor Training and Certification
ITIL4 Specialist Monitor Support and Fulfil Certification
SRE Foundation and Practitioner Combo
Generative AI webinar
Leadership Excellence Webinar
Certificate Of Global Leadership Excellence
SRE Webinar