SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

How Visibility and Data Unite Engineering, Security & Operations: Dev + Sec + Ops = DevSecOps

By Mahesh Babu, October 13, 2017

More than ever before, the security of a running application is a shared responsibility:

  1. The security team needs to detect, monitor and respond to an application layer breach
  2. The operations team needs to ensure performance, stability & reliability of the application in the event of a breach
  3. The engineering team needs to know what security defects to fix and what libraries & components are safe to use

However, all three groups are running blind when it comes to the security state of the running application. Contrast’s Application Security Monitoring solution fills the visibility gap that current Development, Security & Operations teams experience when monitoring and responding to attacks on running applications. Since Contrast’s agent resides inside the application, Contrast provides instant visibility into running applications that perimeter solutions cannot. This enables Development, Security & Operations to see & review application security attacks and inherent vulnerabilities in real time and agree on a remediation plan – all from a single, unified dashboard.

To see how Contrast's Application Security Monitoring can bring Development, Security & Operations together and provide a common understanding of your running applications, please read this technical brief: The Case for Application Security Monitoring. 

Mahesh Babu

Mahesh leads the RASP (Contrast Protect) team at Contrast Security. He takes every opportunity to tell everyone how Contrast has fundamentally changed application security for the first time since he started working in security 10+ years ago. Mahesh has seen the industry evolve as a researcher, consultant, and practitioner within a large bank. He began his career as a security researcher at the CERIAS center at Purdue University. He then went on to build and scale large security & privacy programs as a Senior Manager & architect for HSBC Information Security & Risk. He also spent time as a consultant at Deloitte and Booz & Company. Mahesh has a BS in Computer Science and MS in Information Security from Purdue University and an MBA from Duke University.
