Managing security and privacy within DevOps – article

DevOps is the practice of software engineers and operations professionals working together through the software development, production, and support lifecycle. When embracing the DevOps culture, the software development lifecycle of many application development teams evolves from the waterfall model to a more agile approach, which has caused security compliance to become an industry challenge. The Microsoft IT Information Security & Risk Management (ISRM) team is working to move security and risk management upstream by developing a process where they get involved earlier in the software development lifecycle. The solution includes the use of industry-leading tools for static and dynamic analysis as well as infrastructure scanning. View full post on SXP RSS Feed