Somewhere along the line, someone decided to put a “Sec” in between “Dev” and “Ops”… and now it is a thing! I have historically reacted poorly to the xOps labels that have been flung around IT circles for a number of years now, but the reality is that a lot of these previous silos are coming together. Future personas in IT will have these labels attached to their day to day roles. Infrastructure and Platform operations will will need to cross over and understand some level of development in the same way in that developers have crossed over to operations, driven by the applications they create lending themselves to modern platforms like containers and cloud.

The purpose and intent of DevSecOps is to build on the mindset that everyone is responsible for security” with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context without sacrificing the safety required.

The mashup of roles has meant that security needed to come sharply into focus and not just in the traditional sense of protecting your internal and external compute, storage and networking systems. With applications becoming more of a self contained black box the focus on security has shifted up the stack and Snyk have been leading the way in inserting security right at the coal face. Securing all critical components of today’s cloud native development from the code, to the open-source libraries to the container infrastructure to the infrastructure as code that ties it all together is more important than ever.

Being not natively DevSecOps focused, I felt like I needed to learn more, so I brought Lawrence Crowther from Snyk on Great Things with Great Tech to educate me on their ever growing role in modern application development and how their developer focused tooling is helping secure applications before they get out and have the potential to do damage due to unknown or hidden security flaws or exploits.

Watch and listen and learn below:

In this episode I talk with Lawrence Crowther, Head of Solution Engineering APJ at Snyk. Snyk are the cloud native application security leader, enabling 2.2 million developers to build securely, with a vision to empower every modern developer in the world to develop fast and stay secure. They provides a platform to secure all of the critical components of today’s cloud native application development including the code, open source libraries, container infrastructure and infrastructure as code. Lawrence and I talk about how Snyk has boomed into the market leader in this relatively new space being driven by open source software, cloud native development and infrastructure as code built first for developers as a dev tooling company … so now you know!

Snyk was founded in 2015 and is head quartered out of the London, UK.

☑️ Web: https://snyk.io/
☑️ Getting Started: https://snyk.io/what-is-snyk/

References: 

https://www.devsecops.org/blog/2015/2/15/what-is-devsecops