Your security teams may know how to build a security platform, but that doesn’t mean they should build one. If you are not a security company, then your security platform may also be an amateur effort, filled with poorly configured components that endanger your data safety.
The advantages of moving security into the DevOps lifecycle early are well-studied. For example, Puppet’s 2019 State of DevOps Report details numerous ways that both security and DevOps improve when security is integrated into DevOps earlier (AKA: Shift Left). However, the flip side of this dynamic garners far less attention: integrating DevOps principles into security. […]