NCS Blog: DevOps and Separation of Duties

From my NCS blog post:

Despite the rapid growth of DevOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out "You can't do DevOps here! It violates separation of duties!" Interestingly, this assertion is generally incorrect and derives from a general misunderstanding about DevOps, automation, and the continuous integration/deployment (CI/CD) pipeline.

Continue reading here...

About this Entry

This page contains a single entry by Ben Tomhave published on January 26, 2017 6:23 PM.

NCS Blog: "Minimum Viable" MUST Include Security was the previous entry in this blog.

RSA USA 2017 In Review is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives


  • about
Powered by Movable Type 6.3.7