In the past few years, DevOps has moved from a niche approach to application development to an enterprise strategy that stands front and center in organizations today.And the move to DevOps is happening quickly, and information security practitioners often feel they are being pulled along, reluctantly, for the ride. All of this is happening while the foundation of enterprise IT more rapidly shifts from on-premises to cloud and as the nature of development shifts to continuous integration and continuous deployment. And so is the very nature of application quality and security testing becoming more scripted, continuous, and automated.[ ALSO ON CSO: CSO's Incident Response Survival Guide ]Research firm Gartner estimates that DevOps is currently in place at about 25 percent of Global 2000 enterprises this year. The benefits they hope to reap from the move to DevOps include more agile and responsive development teams and faster time to market. This is because DevOps helps enterprises to clear app clutter through this increased use of automation, standardization, and collaboration.The challenge for information security teams is ensuring that all of the best security practices and controls that they\u2019ve been able to instill into their development methods follows along in the transformation. And there is good news on that front: DevOps is an opportunity to automate a lot of those tests throughout development, and build security design and proper engineering into the development lifecycle in ways that wasn\u2019t possible before. By automating security and regulatory compliance tests throughout development, deployment, and throughout production security reaches a level that many security pros have been clamoring for years to attain.That\u2019s the DevOps security promise, anyway.Although there is no guarantee that reality will match that promise. Only time will tell. The difficulty, however, is that enterprise culture and instilled processes change slowly in large organizations, where it places enormous strain on IT, developers, and information security teams. And when there is strain, things get skipped or bypassed altogether. When it comes to security that\u2019s certainly no good. With all of that in mind, we\u2019ve created this DevOps Security Survival Guide.Here are a number of our best, handpicked stories that tackles the important topic of security in a DevOps enterprise:Does DevOps hurt or help security?Naysayers contend DevOps weakens security, others say DevOps enhances security.Defending DevOpsDevOps promise increased collaboration and enterprise IT agility. But what does that mean when it comes to regulatory compliance? There\u2019s a new effort underway with an answer.Rugged DevOps: In search of the defensible infrastructureDevOps moves too fast to build security into the process, some say. Not true, say others who believe one just needs to get a little rugged.How to maintain security in continuous deployment environmentsIf you wait till tomorrow to secure what continuous deployment took live yesterday, hackers will infect your application today!How security can add value to DevOpsGene Kim, award-winning entrepreneur, researcher and founder of security firm Tripwire, walks us through his vision.Agile doesn\u2019t (necessarily) mean fragileSpeedy, frequent updates and changes to infrastructure doesn't necessarily mean quality assurance is being forgone in favor of agility.Moving toward smart and secure continuous software deliveryExperts contend continuous software integration and delivery practices can boost secure coding practices.For containers, security is problem #1It may take a disaster or two for the lessons of needing to do security right sink in. Only then will containers be ready for prime time.A video interview with Gene Kim and Josh Corman on Rugged DevOpsDavid Spark interviews Gene Kim (@realgenekim), president of IT Revolution Press and Joshua Corman (@joshcorman), director, security intelligence for Akamai Technologies, about IT at \u201cludicrous speed\u201d with Rugged DevOps.