Security as Code – A Dynamic Model for Protecting Your Digital Assets

Andy Grove famously wrote – ‘Only the Paranoid survive’

The message still makes sense, and the only true solution to attacks (I mean the ones on our digital assets) is eternal vigilance. Having said that, there is one particular challenge in cybersecurity whether or not you implement the latest best-of-breed security protocols and systems: the ever-evolving kaleidoscope of both the landscape and the actors (read: threats). The landscape changes every few weeks or months as new policies are implemented, but the upstream impact of tweaking your security architecture is not done and … ergo an involuntary lapse between good intent and good protection. The actors (hackers and attackers) keep changing their MO every fortnight or even week as they crowdsource vulnerabilities. It's very difficult for even the best software firms to beat crowdsourced innovation, especially when a lot of it is done for the kick and not for money. So when the landscape changes and the actors morph, the natural solution is for security to be dynamic and not static.

#devsecops #sogetilabs #sogeti

Prominent Lapses in Security

Existing cybersecurity architectures and operating models cannot cope with the changes in architecture that are driven through when customers migrate to public-cloud platforms. Why? Misconfiguration is a greater challenge for the customer; in fact, most public cloud providers have much better security than what traditional datacenters can provide. An attack on the public cloud infrastructure itself will be a very rare instance, as it is built to defy such attacks and is on high alert all the time.

What is Security as Code?

Simply put, Security as Code (SaC) is a model where you define your cybersecurity policies as code and not as static rules.

Three areas of focus for Security as Code:

  • Security Testing
  • Vulnerability Scanning
  • Access Control and Policy Management

Security as Code can programmatically refer to various routines, subroutines and scripts. Imagine a scenario where, because of the popularity of DevOps in enterprise business, there is continuous development. Security as Code represents the next evolution of DevOps: a development in which security is fused into the development process.

Security as Code best practices include:


  • Monitoring functions
  • Routine security policy checks
  • Automating feedback loops
  • Automating scans and security testing
  • Executing scripts
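
A routine policy check of the kind listed above, written as code, might look like the following. This is an added example, not code from the original article or from any Sogeti tooling; the resource ids, field names and policy names are constructed for illustration. Each policy is a function registered against a resource type, and the result is an exit code a pipeline can act on.

```python
import json

# Constructed sample inventory; resource ids and field names are hypothetical.
INVENTORY = json.loads("""[
 {"id": "bucket-logs", "type": "storage_bucket", "public_read": true, "encrypted": true},
 {"id": "bucket-app", "type": "storage_bucket", "public_read": false, "encrypted": false},
 {"id": "bucket-new", "type": "storage_bucket", "encrypted": true},
 {"id": "fw-admin", "type": "firewall_rule", "port": 22, "source": "0.0.0.0/0"},
 {"id": "fw-web", "type": "firewall_rule", "port": 443, "source": "0.0.0.0/0"}
]""")

POLICIES = []  # (resource_type, severity, check) tuples, filled by @policy

def policy(resource_type, severity):
    """Register a check; a check returns a failure message or None."""
    def register(check):
        POLICIES.append((resource_type, severity, check))
        return check
    return register

@policy("storage_bucket", "high")
def no_public_buckets(r):
    # Fail closed: a bucket that does not declare the setting counts as public.
    return "public read not explicitly disabled" if r.get("public_read", True) else None

@policy("storage_bucket", "medium")
def encryption_at_rest(r):
    return None if r.get("encrypted", False) else "encryption at rest disabled"

@policy("firewall_rule", "high")
def no_open_admin_ports(r):
    if r.get("source") == "0.0.0.0/0" and r.get("port") in (22, 3389):
        return f"admin port {r['port']} open to the internet"

def evaluate(inventory):
    """Run every registered policy against every resource of its type."""
    findings = []
    for r in inventory:
        for rtype, severity, check in POLICIES:
            message = check(r) if r.get("type") == rtype else None
            if message:
                findings.append({"resource": r["id"], "policy": check.__name__,
                                 "severity": severity, "message": message})
    return findings

def gate(findings, fail_on=("high",)):
    """Pipeline exit code: 1 blocks the deployment, 0 lets it through."""
    return 1 if any(f["severity"] in fail_on for f in findings) else 0
```

Calling `gate(evaluate(INVENTORY))` as a pipeline step gives the automated feedback loop: a change that introduces a high-severity misconfiguration fails the build before it reaches the cloud account.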


More information?

https://www.sogeti.com/services/cybersecurity/

Kummar Vaalsalam

Executive Director | Deloitte | Data, Cloud, Ai | Financial Services

3 years ago

#DevSecOps cannot emphasize more. Very well articulated Balaji!
