
DevSecOps Glossary: 24 terms security professionals need to know



What is DevSecOps?

DevSecOps is a portmanteau of development, security, and operations. Like DevOps, DevSecOps refers to a combination of culture, process, and technology. But while DevOps focuses on optimizing and streamlining the software development lifecycle, DevSecOps seeks to improve security throughout an organization’s product delivery. Furthermore, DevSecOps directly addresses the potential security weaknesses introduced by the DevOps model.


DevSecOps terms you need to know

Attack Surface

An organization’s attack surface refers to potential vulnerabilities in a system that can be exploited by an attacker — the extent to which the network is exposed to potential threats. Internet of Things (IoT) devices, mobile devices, cloud computing, and remote work have all expanded the average organization’s attack surface.

Automation

In general, automation refers to the use of technology to complete a task that would otherwise be completed by humans. In the context of DevSecOps, automation refers to the use of automated technology (scripts, bots, and algorithms) to carry out security tasks throughout the software development lifecycle.

Chain of custody

A chain of custody is a record of who had possession of evidence at a given time. In the context of digital evidence, the chain of custody must be maintained to ensure that the evidence has not been altered and that its authenticity can be verified. For example, modern document management systems contain thorough audit logs.

CI / CD

CI/CD, or continuous integration and continuous delivery, is a software development practice in which developers integrate code changes into a common shared repository, and the software is automatically built, tested, and deployed to production. These exceptionally fast iterations create value for the organization faster, but they also require a higher level of security to reduce the potential for disruption.

Code dependencies

Code dependencies are the external libraries, frameworks, and modules that your code requires to run. These dependencies can introduce vulnerabilities into your codebase if they are not managed properly. Third-party vulnerabilities are the most common vulnerabilities in a system.

Compliance

Compliance refers to an organization’s adherence to external regulations, standards, or best practices. In the context of DevOps and security, compliance can refer to everything from complying with industry-specific regulations, such as the CMMC for Department of Defense contractors, to following internal company policies.

Configuration drift

Configuration drift occurs when the configuration of a system changes without being monitored or approved. Configuration drift can lead to security vulnerabilities over time as the organization expands its reach.

Containerization

Containerization is a method of packaging software so it can run in isolated environments. Containers are self-contained and include all the dependencies needed to run the software, making them portable and easy to deploy. Importantly, containerized instances have limited impact on each other, making them more secure.

Data breach

A data breach is any unauthorized access to or disclosure of sensitive information. Data breaches can happen when a malicious attacker gains access to a system, but they can also happen when authorized users mishandle data, for example by mistakenly sending it or posting it online. Most companies will experience a data breach at some point, but the right DevSecOps methods will minimize the harm.

Data loss prevention

Data loss prevention refers to the practice of preventing unauthorized disclosure of sensitive information, whether through the use of automated tools or restricted access. Data loss prevention tools can be used to encrypt data in transit and at rest, and to monitor and control access to data.

Endpoint Security

Endpoint security is the act of securing devices connected to a network. Endpoints can include laptops, smartphones, tablets, and IoT devices. Endpoint security solutions typically include anti-virus software, firewalls, and intrusion detection and prevention systems.

Identity and access management (IAM)

IAM is about managing identities — both digital and physical — and the access they have to sensitive information and systems. IAM includes authorizing and deauthorizing user accounts and managing access controls. To be truly effective, IAM suites must be paired with appropriate security processes.

Maturity model

A maturity model is a framework that can be used to measure an organization’s progress in adopting a particular practice or competency. In the context of DevSecOps, a maturity model can be used to measure an organization’s progress in adopting DevSecOps methods and achieving DevSecOps goals.

Passwordless authentication

Passwordless authentication is a method of authenticating users without the use of a password. Instead, it can be done with the use of biometrics, hardware tokens, or one-time passcodes (OTPs). Many security analysts believe that this type of authentication is more secure than a traditional password, because passwordless authentication does not rely on the user to maintain security standards.

Penetration test

Penetration testing, also known as pen testing, is the practice of simulating an attack on a system to identify vulnerabilities. Pen tests can be conducted manually or with automated tools, and they can be targeted at individual systems or entire networks.

Perimeter security

Perimeter security is the practice of protecting the boundaries of a network. Perimeter security solutions typically include firewalls and intrusion detection and prevention systems. Today, organizations are moving away from perimeter-based security and towards access-based security.

Risk management

Risk management is the process of identifying, assessing, and mitigating risks. In a security context, risk management is an essential component that includes identifying security threats and vulnerabilities as well as assessing their impact on the organization.

Security Information and Event Management (SIEM)

SIEM is a security management method that combines the functions of security information management (SIM) and security event management (SEM). SIEM gives organizations a real-time view of their security posture and the ability to detect, investigate, and respond to security incidents.

Security as code

Security as code is a way of treating configurations and security policies as code, which can then be managed just like any other software asset. Security as code helps ensure a consistent security configuration across environments, and changes can be tracked over time.

Security posture

An organization’s security posture refers to its overall security status, including the effectiveness of its controls and the adequacy of its policies and procedures. Security posture can be measured through the use of security assessments and audits.

Shift left

Shift left is a DevOps principle that advocates bringing security into the software development process earlier. By shifting left, organizations can find and fix security vulnerabilities earlier in the development cycle, which can save time and money.

Siloed security

Siloed security is the practice of isolating security functions from other parts of the organization. Siloed security can lead to inefficiencies and blind spots as well as increase the risk of security incidents.

Threat model

Threat modeling is the practice of identifying, assessing, and mitigating threats. It helps organizations understand their attack surface and identify the most likely and impactful threats by examining existing systems and identifying potential vulnerabilities.

Zero trust

Zero trust is a security model that assumes that all users and devices are untrusted. In a zero-trust environment, all traffic is considered malicious and all content is protected accordingly. Zero trust is often used in conjunction with micro-segmentation to further separate systems and data.


