A guide to achieving DevSecOps in Kubernetes environments :RedHat whitepaper (Audiobook)

Introduction Over the past decade, organizations have increasingly embraced modern software development practices, public cloud infrastructure, and cloud-native software such as Kubernetes and containers to fuel their digital transformation and innovation. At the center of these changes is DevOps, a set of practices and tools designed to enable teams to deliver software applications and manage infrastructure environments at high velocity. DevOps emphasizes principles such as increased collaboration, shared responsibility for development and operations, removing barriers between operational teams, and autonomous decision-making, all in the spirit of achieving greater speed and consistency. DevOps relies on methodologies that use automation and continuous integration and delivery (CI/CD), and treats infrastructure and application components as immutable. These changes can strain existing security programs. DevOps-driven adoption of new technologies and processes may mean security is an afterthought and can expose new gaps in security coverage and risk management. Security teams must therefore work toward a familiar set of goals for modern computing environments—avoiding security incidents, breaches, and exposures; establishing security best practices and policies to be implemented on an organization-wide basis; and managing resources to minimize operational overhead, alert fatigue, tool sprawl, and manual investigative workflows—in ways that align with the approaches that engineering teams favor. This has given rise to the concept of DevSecOps: the combination of DevOps practices and security strategies as a means for every organization to increase protection and reduce risk to their modern software environments. This whitepaper provides an overview of what DevSecOps is and how organizations can adopt its practices in conjunction with technologies such as Kubernetes and containers to achieve strong, scalable security for their cloud-native environments. Kubernetes security trends and challenges Organizations continue to rapidly shift their software development efforts to hybrid cloud environments focused on Kubernetes, containers, microservices, and service meshes. These modernization efforts can substantially impact organizations by requiring new personnel skills, tooling, processes, and culture. The introduction of new technical architectures and operational patterns associated with these efforts also results in security challenges that stem from greater complexity—for example, the number of cloud-native technologies that a single organization uses can easily climb into the dozens.

There are no comments yet.

Please log in to write the first comment.