Software Security Activities that Support Incident Management in Secure DevOps

Abstract

Many software services are currently created using DevOps, where developers and operations personnel are more tightly integrated. The DevOps paradigm enables shorter development cycles, but increased speed has raised concerns over whether security issues may be overlooked. However, perfect security is never achievable, and in addition to the proactive software security efforts, we also need a reactive effort to handle flaws and bugs that are not discovered before they are used in an attack. In this paper we explore how focus on incident management and collaboration with developers can contribute to improved software security.

Read publication

Client

Research Council of Norway (RCN) / 247678

Language

English

Author(s)

Martin Gilje Jaatun

Affiliation

SINTEF Digital / Software Engineering, Safety and Security

Year

2018

Publisher

Association for Computing Machinery (ACM)

Book

ARES 2018. Proceedings of the 13th International Conference on Availability, Reliability and Security, Hamburg, Germany — August 27 - 30, 2018

ISBN

978-1-4503-6448-5

External resources

https://www.sintef.no/sos-agile

DOI

https://doi.org/10.1145/3230833.3233275

Read fulltext

https://hdl.handle.net/11250/2571489

View this publication at Cristin

Contact us

Our services

Career

Sustainability

Management and board

Institutes

Other units

About us

Follow us