Bringing security into the CICD pipeline with Halo

This post was originally published here by  casey pechan.

There’s a transformation happening in how IT is delivered in enterprises everywhere – what was once a predictable and stable IT environment has now become more fluid and is in a constant state of change. The average lifetime of a server, for example, has gone from months or years to weeks, days, or even hours.

As a result, development and DevOps release cycle times have dramatically decreased from 1-12 months to less than 1 day, with many enterprises doing multiple releases per day.

So, a major question that now lingers over DevOps teams is: can security keep up? For example, how can you deploy 10 times a day, (or more), if the SLA for a file integrity scan is 10 days?

The answer lies in automated toolchains, which results in dramatically shorter lead times and improved application resilience and quality. Orchestration tools like Chef Puppet, Jenkins, etc. are the new normal for automation, and using them in conjunction with CloudPassage Halo allows you to bake security infrastructure right into your DevOps cycle.

Where other security tools are manual, we’re automated. Ultra lightweight Halo agents are deployed directly onto the workload at every step of the DevOps cycle that can potentially be automated, giving your teams the bandwidth they need to focus on those steps that do require manual input, like the planning and post-release monitoring phases. (Check out this helpful infographic for more information.)

Want to learn more about how easily Halo fits into your DevOps timeline? Check out the 6-minute video below to see a demonstration.



No posts to display