DevOps-driven software development approaches are pervasive among organizations embracing the cloud. Unlike traditional software development approaches, DevOps helps organizations shorten the time it takes to build and ship cloud applications. Introducing security early in the software development lifecycle, along with continuous monitoring in production environments, improves the overall security posture of cloud applications and reduces business risk.
How can we incorporate security with an automated approach?
Can we stop risk management from being an afterthought that begins once the software is in production (which often stifles innovation and reduced time to market)?
How do we reduce the attack surface as well as time to detect/resolve security issues—without impacting the agility gained through a DevOps approach?