This blog was orginally posted on DevOps.com: https://devops.com/predictions-for-devops-security-in-2018/
Automation continues to be a major driver of DevOps as a whole. In 2018, we’ll continue to see a shift in how and where automation is applied in the DevOps life cycle. More specifically, DevOps will move toward adoption of integrated automation and security orchestration solutions. The need to move away from a reactive DevOps security model will see more teams integrating new solutions that leverage machine learning, analytics and orchestration that can provide incident management insights in real time.
Based on that approach, here are three security predictions for DevOps in 2018.
Continuous Response Will Become a Fundamental Part of the CI/CD Process in 2018
DevSecOps will increasingly integrate security into the continuous integration/continuous delivery (CI/CD) process through continuous response using automation that eliminates manual processes. This continuous response as part of the CI/CD chain will go beyond ensuring that an application satisfies certain defined baseline security needs and move towards automated threat hunting that maximizes security team response accuracy. By injecting security monitoring into the code level, continuous response can happen right from development to pre-production to the ongoing use life cycle. When this is done right, responding to security vulnerabilities becomes easier during each step of the process, reducing the time taken to fix or mitigate vulnerabilities.
DevOps Will Transition from Reactive to Predictive Security Processes
As market sophistication increases around cloud security, integration and incident lifecycle management, companies will become much more proactive at managing security within the DevOps life cycle. The need for integrating security orchestration into the development process rather than reacting to issues once a project has been deployed to production is clear based on the huge costs of reactive measures. As these platforms and tools become more available in 2018, companies will begin adjusting their DevSecOps mindset on both a cultural as well as product level to create a more holistic, inclusive process.
We’ll See Solutions that Integrate RASP with Security Orchestration
Having a comprehensive security solution for web applications with heightened detection, visibility, and remediation capabilities will be key to response acceleration of web application vulnerabilities in 2018 and beyond. By extending security orchestration to web application security, developers and security teams will be capable of closing the interoperability gap. The key will be an increased visibility into the application and context in which attacks are happening, thus protecting web applications and API services in real time.
Integrated solutions will enable users to design and deploy custom security rulesets based on the rich data derived from analytics to improve RASP solutions through expanded orchestration capabilities. The result will be a much-improved web application security layer capable of identifying and isolating active attackers, separating breaches from attack attempts and creating and enforcing active protection policies for better application protection. This ability to respond to escalating web-based attacks will eliminate days, weeks and months off manual tasks.
For more cutting-edge and informative security content, subscribe to email updates from Demisto.