Software Security Activities that Support Incident Management in Secure DevOps
Chapter
Accepted version
Date
2018Metadata
Show full item recordCollections
- Publikasjoner fra CRIStin - SINTEF AS [5638]
- SINTEF Digital [2381]
Original version
ARES 2018. Proceedings of the 13th International Conference on Availability, Reliability and Security, Hamburg, Germany — August 27 - 30, 2018, pp6Abstract
Many software services are currently created using DevOps, where developers and operations personnel are more tightly integrated. The DevOps paradigm enables shorter development cycles, but increased speed has raised concerns over whether security issues may be overlooked. However, perfect security is never achievable, and in addition to the proactive software security efforts, we also need a reactive effort to handle flaws and bugs that are not discovered before they are used in an attack. In this paper we explore how focus on incident management and collaboration with developers can contribute to improved software security.