DevOpsSec Report from OReilly

O’Reilly continues to support secure software efforts — and by extension secure options on the Internet.  Last month they released “DevOpsSec: Securing Software through Continuous Delivery” by Jim Bird.

The Agile and Dev Ops Sec worlds have a lot of intersection & overlap, and the challenges of emitting risk-appropriate applications remain for both.  This 86 page report includes adult content for using infrastructure, specific development & operations practices, security-centric development resources, and code to satisfy your risk management obligations, along with recommendations for “proving” that your apps are “secure-enough.”  At 86 pages this report is not comprehensive, and it does not attempt to be.  Like many other aspects of Agile activities, it attempts to help us quickly learn somethings about how to move our position closer to “secure-enough.”

It is also “free” [for a name and email address].  For anyone involved in Financial Services software development, I strongly recommend this quick read.


DevOpsSec: Securing Software through Continuous Delivery.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: