In the agile, lean, devops communities people talk about improving security by “shifting left”.
Patterns and tools are emerging, or re-emerging,
that make security less of a pain in the development process while also making applications more secure.
I will cover tools and processes that help teams with the day to day work like
code scanners, application scanners, pull requests, deployment tooling and infrastructure-as-code.
At the organisational level some relatively small changes to, for instance, the change approval process can have a big impact.
These are tools and processes that have proven themselves at many organisations and perhaps they can do the same for you.
Gérard is a systems engineer (or devops engineer) and
architect who helps businesses deliver value by applying DevOps and Lean principles,
Continuous Delivery, and Cloud technologies.
He knows that IT services can be delivered faster,
with lower risk and lower costs by applying modern architectures, organizational structures
and ways of working made popular through the DevOps movement.