You are here

You are here

Best of TechBeacon 2015: Top 10 security stories

Mike Barton Managing Editor, TechBeacon

Security is a critical issue, regardless of where you sit in the development pipeline. To get out in front of threats, a move is on via DevOps, and more generally, to think about security first when engineering software — to bake security right into the app itself. Security experts weighed in during 2015 on the top security trends that should be your top considerations in the coming year.  

Here are TechBeacon's 10 must-read security stories from 2015:

The state of developer-first: Movement aims to move the needle on application security

Developer-first security first is a logical extension of how software is developed today. As more organizations adopt the DevOps approach to application development, IT gets less involved in the process, and developers take on operational responsibility for the entire lifecycle of an application. John Mello reports.

If data security is job 1, why treat it as an afterthought?

Is your organization already compromised by a long-term exploit? What are you doing to minimize your attack surface? How many attempted data security breaches do you catch every day? How many do you miss? And how do you know? Martin Heller asks the hard questions in light of the OPM breach, among others.

Josh Corman on SecOps: How shared team values can reduce threats

While DevOps involves processes and tool chains, the defining attribute is culture, and empathy is a cultural value. Marcel Santilli shares takeaways from an interview with supply chain automation software vendor Sonatype's Josh Corman.

Top takeaways from the 2015 Gartner Magic Quadrant for application security testing

Application security testing has become a ripe area for developers as more companies become aware of the key role the practice plays in securing data. John Mello reports the top takeaways from Gartner's report.

3 cutting-edge data security technologies that will help secure the future

Antivirus and firewalls are so last decade. Rob Lemos reports on three technologies that could prove important in securing the future.

Managed PKI certificates: Securing the IoT one step at a time

As more devices are connected online, companies are being exposed to crime in novel, expensive ways. Many leaders in the tech industry recognize the importance of security as the Internet of Things (IoT) expands. Noted expert Scott Amyx offers this analysis.

3 ways threat intelligence can bolster software development

For the most part, software developers do not need the real-time situation awareness that threat intelligence strives to provide, yet knowing what attackers are doing could help focus efforts. Rob Lemos describes three ways that threat intelligence can help developers.

Why DevOps is essential for security at scale

DevOps is all about going faster. But DevOps is also crucial to achieving security at scale. Back when enterprises only needed a few on-premises servers, a small team could maintain security with ad-hoc fixes. Today, enterprises rely on hundreds, or even thousands, of applications, services, and security tools scattered across data centers around the world. The scale of these systems makes ad-hoc methods cumbersome and ineffective. A DevOps approach offers a better alternative. Here are a few tips on using DevOps to defend the enterprise, writes Novetta's Shawn Masters.

Beyond automation: Cognitive computing gets real, promising better security

Automation can help, but delivering better data to human analysts is not enough. Systems that can adapt to changes in attack patterns are the future, reports Rob Lemos.

SecOps: How security with DevOps can deliver more secure software

The DevOps approach gives InfoSec groups an opportunity to integrate security earlier in the software development and deployment process— if they're willing to accommodate the cultural changes that come with the territory. Jaikumar Vijayan reports.

Keep learning

Read more articles about: SecurityInformation Security