How to maintain security in continuous deployment environments

Listen to Your DevOps Heart

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

DevOps at its heart leads to continual improvement in software through continuous deployment: develop, deploy, and repeat. But continuous deployment requires lots of changes to that software on a weekly or even daily basis. As you well know, change can be the enemy of security.

So how do we maintain security in software created in continuous deployment environments?

Security challenges & solutions in continuously deployed software

Hackers frequently target specific vulnerabilities that allow cross site scripting and SQL injection. Defensive programming seals these holes using input validation, where you check all input into an application and reject any harmful input. “You simply don’t allow input sequences that could be used to inject code into a browser or database,” says Tom Stiehm, CTO, Coveros.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.