BLOG
DEVOPS

Securing the developer environment in Enterprise DevOps

How do you give DevOps team members flexibility and control, without opening the door to malicious attacks? This is the fundamental challenge for many security offices today and is discussed in a new eBook published by Sogeti and Microsoft as part of the Modern App Development and Enterprise DevOps series.

2022 DevOps blog 1 Picture1.pngThe developer environment is one of three threat surfaces discussed in the new eBook Securing Enterprise DevOps Environments. The developer environment includes everything a DevOps team member uses to produce code, test, and document, from the laptop to the software. As companies transition to a ubiquitous work-from-anywhere styled approach, the control of these devices suffers greatly. Often, cyber security offices lack a consistent understanding of where and how the code is secured and built. Hackers are taking advantage, with an uptick in remote connection hacks and developer identity thefts.

This chapter of the eBook recommends a series of measures to help secure the developer environment. Why are they needed? As shown in this diagram, the developer environment connects to the DevOps tools environment, as well as to 3rd party open-source packages and application extensions. These extensions present new attack vectors for hackers in dependency vulnerabilities and extension application vulnerabilities. Failing to prevent hackers from compromising these corrections can be a costly exercise, as we discover in this chapter with a description of a real-life hack that occurred in 2021.

The five recommended practices described in this chapter are as follows:

Read the eBook

The above is just a brief summary of the recommended practices. The eBook covers them in much more detail and offers advice on how to set about achieving them in order for your Enterprise DevOps teams to secure the developer environment.

 

Read more

Read the eBook

The above is just a brief summary of the recommended practices. The eBook covers them in much more detail and offers advice on how to set about achieving them in order for your Enterprise DevOps teams to secure the developer environment.

 

Read more

 

Blog author

Clemens Reijnen, Sogeti Global CTO Cloud Services, is the co-author of Securing Enterprise DevOps Environments in partnership with Microsoft.

Clemens Reijnen
Clemens Reijnen
Global CTO of Cloud Services
Print Email