The Security Policy to Development Procedure Gap

The Security Policy to Development Procedure Gap

Research Director, Altaz Valani, offers expert advice on DevSecOps practices and what is needed to close the security policy-to-development procedure gap:

Usually, when we talk about DevOps, there’s an emphasis on development and operational activities. Often, a key focus is neglected: how we inject security into the DevOps context.

If we examine the confluence of events leading to the current issues we face around security and DevOps, two broad factors become clear. For one, security has been left behind in the DevOps discussion, as traditional (useful) security controls haven’t fully migrated into the DevOps workflow. Secondly, for those teams that embed security into DevOps, the security mindset gets in the way of rapid release cycles. This leads to hasty or missed security reviews.

To read more, visit here:

About Security Compass
Security Compass, a leading provider of cybersecurity solutions, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, allows organizations to balance the need to accelerate software time-to-market while managing risk by automating significant portions of proactive manual processes for security and compliance. SD Elements is the world’s first Balanced Development Automation platform. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries. The company is headquartered in Toronto, with offices in the U.S. and India. For more information, please visit