What Is SecOps?
Problem
When I first heard the word SecOps, I thought of it as a management approach that aims to connect security and operations teams, in much the same way that DevOps unifies developers and operations teams.
But isn't security just a piece of the DevOps puzzle?
DevOps already includes processes like component monitoring, version management, benchmarking, code review, continuous monitoring...
What else can SecOps add to a DevOps team, or is it another buzzword maybe?
Solution
I'd agree this is a buzzword as much as DevOps can be.
The main task of a SecOps, added on top of a usual operational engineer's tasks, is to take on the burden of following CVE publication feeds and handling the remediation, usually handling things historically handled by the security or network administration team (firewall rules, Web Application Firewall exceptions).
If you see a Sysadmin in a DevOps org as a sysadmin able to read and be part of the application code, a SecOps would be a sysadmin able to be part of the security rules of the infrastructure around the servers themselves.
In some structures that keep silos of responsibility (Sales, Business, Dev, Ops, Security, Monitoring), Security Engineers and Operations Engineers are as separated as Developers and Operations Engineers. While not embracing a full DevOps organization, moving to a SecOps model is a first step to reunite two separate teams that were historically closer and less antagonistic in the silo-based organization. Some people are also more comfortable adding either the operations or security facet to their current job than growing code skills.
To summarize, I would define SecOps as a first step toward a DevOps org, aiming at getting a multi-skill team around security/network/operating systems engineers where they are separate teams in an existing department.
Context
StackExchange DevOps Q#686, answer score: 18