2022-07-12T06:05:00Z

What are your best practices to achieve DevOps security in the cloud?

EB
  • 3
  • 62
PeerSpot user
3

3 Answers

Ashish Raghute - PeerSpot reviewer
User
2022-07-20T03:26:01Z
Jul 20, 2022

In addition to the traditional best practices for cybersecurity, focus on the "rapidly changing" security posture that is the result of DevOps. 


Look at the ephemeral nature of objects - are these hardened and protected or would these open up the weakest link that hackers are waiting to see. This requires examining scripts/code thoroughly because as we know it, code can write code too. 


Guard against the code injection. Finally, ensure that any damage can be contained quickly - through observability and analytics and a competent SOC that is available to respond 24x7x365. 

Search for a product comparison in Cloud and Data Center Security
Shibu Babuchandran - PeerSpot reviewer
Real User
ExpertModerator
2022-07-14T09:58:49Z
Jul 14, 2022

Hi @Evgeny Belenky​,


Some of the below points would help in setting the security framework for DevOps:



  • Embrace a DevSecOps model

  • Enforce policy & governance

  • Automate your DevOps security processes and tools

  • Perform comprehensive discovery

  • Conduct vulnerability management

  • Adopt configuration management

  • Secure access with DevOps secrets management

  • Control, monitor, and audit access with privileged access management

  • Segment networks

  • Monitor the DevOps pipeline and applications

  • Keep security processes clear and minimal, but forceful

  • Due Diligence of Admin Credentials

  • Enforce Least Privilege

    EB
    Community Manager
    2022-07-25T05:16:30Z
    Jul 25, 2022

    Hi @Adriamcam, @BobenGeorge, @reviewer1098015, @BasilDange, @Nadeem Syed ​and @Oleg Pekar,


    We'd like you to hear your professional opinion about this topic.


    Thanks for sharing your knowledge with the community!  ​ ​ ​ ​

    Find out what your peers are saying about VMware, Cisco, Akamai and others in Cloud and Data Center Security. Updated: March 2024.
    765,234 professionals have used our research since 2012.
    Cloud and Data Center Security
    This category within cybersecurity focuses on the protection of data, applications, and infrastructures in both cloud environments and physical data centers.
    Download Cloud and Data Center Security ReportRead more