Wednesday, November 30, 2022

Security tools help bring development and security teams together

Software development teams are increasingly focused on identifying and mitigating any issues as quickly and completely as possible. This relates not only to the quality of the software but also to the security of the software. Different organizations are at different levels when it comes to having their development teams and security teams work together, but the simple fact is that there are far more developers than there are security engineers.

Those factors are leading organizations to consider security and automation tools to proactively discover and resolve any software security issues throughout the development process. In the recent report, “GigaOm Radar for Developer Security Tools,” Shea Stewart examines a roundup of security tools geared toward software development teams.

Stewart identified three critical criteria to consider when evaluating developer security tools. These include:

  • Vendors that provide tools to improve application security can and should also improve an organization’s overall security posture.
  • The prevailing “shift left” mentality does not necessarily mean that the responsibility for reducing risk should shift to development, but focusing on security early in the process and continuing to do so throughout the development process will reduce risk and the need for an extensive review.
  • Security throughout the software development lifecycle (SDLC) is critical for any organization focused on reducing risk.

Figure 1. How cybersecurity is applied at each stage of the software development lifecycle. *Note: This report focuses only on the Developer Security Tools area.

Individual vendors have made varying levels of progress and innovation to improve developer security. After multiple acquisitions, Red Hat, Palo Alto Networks, and Rapid7 added developer security tools to their platforms. Stewart believes that some of the smaller providers, such as JFrog and Sonatype, will continue to innovate to stay ahead of the market.

Vendors delving into this category and into “DevSecOps” seem to be taking different approaches to their enhanced security tools. While they involve security in all aspects of the development process, some tend to move faster to match the pace of the SDLC. Others are trying to shore up existing platforms by adding functionality through acquisition. Both infrastructure and software developers now share sets of tools and processes, so these development security tools must take into account the requirements of both groups.

While none of the 12 vendors evaluated in this report can provide comprehensive security across the entire SDLC, they all have their particular strengths and areas of focus. Therefore, it is up to the organization to fully and accurately assess its SDLC, engage development and security teams, and match unique requirements with the functionality provided by these tools. Even if it means using more than one at different points throughout the process, focus on striking a balance between tight security and simplifying the development process.

Read More: Key Criteria for Evaluating Developer Security Tools and the Gigaom Radar for Developer Security Tool Companies.


