DevSecOps

Cloud security at the speed of DevOps

Security and compliance testing earlier in the cycle for faster remediation and time-to-market

Simple one-click security testing of CFTs before deployment

Balance between closed security posture and rapid cloud access for deployments

Protection from unauthorized modifications to security configurations

Intelligent alert prioritization, improving the signal to noise ratio by a factor of two

Native and API-based integration with popular DevOps tools

Problem

DevOps and Continuous Delivery practices are being widely used by organizations that want agility and faster time-to-market to better respond to changing business needs. Development, QA and operations teams face the challenge of incorporating security into the product lifecycle without slowing things down. Siloed approaches to security hardening that worked in the past are incompatible with the holistic, iterative model of software development and deployment with DevOps. For example, security reviews involved mostly manual processes at the end of product development and QA. Any security risks or issues identified in the product sent the code back to development, causing significant delays.

Security Integration in the Devops CI/CD Pipeline

Solution

The Dome9 Arc platform allows you to incorporate security and compliance into how you build, deploy and run applications in the public cloud without sacrificing agility. Dome9 provides the security foundation for Rugged DevOps with tools that allow automated testing and enforcement of security. Here are four ways in which DevOps teams can harden their applications with Dome9 Arc:
Rugged Devops Security Integration Solution

  • Validation Before Deployment: Test the security and compliance posture of application architectures (e.g., AWS CloudFormation templates) with a single click prior to deployment.

  • Automated Testing During Development: Use the Dome9 Arc API to incorporate testing of security best practices and compliance into the continuous build processes early in the cycle.

  • Security During Deployment: Maintain a closed-by-default security posture in the cloud by locking down cloud environments except to allow authorized software deployment.

  • Actionable Alerts: Streamline alerts in highly dynamic cloud environments with machine intelligence, allowing operations teams to focus on alerts that require immediate attention. These real-time, actionable alerts and notifications are delivered in AWS environments through the Simple Notification Service (SNS), which can be consumed by downstream applications such as Splunk, Sumo Logic, Graylog and Loggly.

The Dome9 Rugged DevOps solution allows security and compliance to be incorporated early and often into the software development and deployment lifecycle. With security checks built into the continuous deployment pipeline rather than at the end, DevOps is able to find and fix security vulnerabilities early, accelerating an organization’s time-to-market. The Dome9 API allows security to simplify integration with popular DevOps tools, allowing Dome9 services to be built into automated workflows.

“As a security department, it’s very important to have a quick, reliable, and current view of the configuration and control over the security settings of cloud accounts and assets. This enables us to automate controls and react quicker with fewer resources.”
-Ewald Wicher, Senior Manager Information Security, Western Union

Ready to Experience CloudGuard?

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO