DIGITAL ECOSYSTEMS
LARRY MACCHERONE
TITLE : DEVSECOPS TRANSFORMATION ARCHITECT
COMPANY : CONTRAST SECURITY INDUSTRY : CYBERSECURITY LOCATION : UNITED STATES
Dev [ Sec ] Ops Transformation
Architect at Contrast Security , Maccherone currently sees a huge opportunity for the concepts he helped developed with Build-Security-In a decade ago to finally take hold with the recent emergence of DevOps , which he thinks of as a natural successor to agile development because it further breaks down silos .
Organisations need to move away from a gatekeeping approach to security When scaling DevSecOps transformation in the enterprise , Maccherone argues that organisations need to move away from a gatekeeping , confrontational approach to application security . The first challenge in pulling this off is to get the mindset right .
“ Today in some security teams , there is this approach of the ‘ beatings will continue until morale improves ’,” Maccherone says As a result , this process can build up significant resistance and even resentment among development teams .
“ Basically they ’ re trying to find problems in somebody else ’ s work ,” Maccherone says . “ This doesn ’ t scale with the accelerating pace of development . So that ’ s a common problem with this gatekeeping policing auditing approach to application security .
technologymagazine . com 65