Story image

CA Technologies fosters stronger culture for DevSecOps processes

21 Nov 2017

CA Technologies is taking security to the early stages of software development with an expanded portfolio that concentrates on DevSecOps.

Gartner says DevSecOps has the ultimate goal of improving the overall security process by designing integrated controls. These controls do not undermine the agility and collaboration associated with DevOps.

“Simply layering standard security tools and processes onto the DevOps cycle won't work. Security checks, controls and testing need to be applied as automatically and transparently as feasible throughout the development, delivery and operation of applications.”

CA’s move into the DevSecOps process was made possible through the company’s acquisitions of Automic and Veracode.

CA Continuous Delivery SaaS brings complete visibility into DevOps planning and troubleshooting. It also provides a way for DevOps teams to remove manual processes in release planning and management.

CA’s integration with Veracode enables application security testing as part of the development process as it initiates checks through the development pipeline.

CA Automic Application Release Automation also speeds up deployment through an automated and agile back end that delivers more reliable code releases.

Companies that embrace DevSecOps deliver better and more-secure software because of the focus on collaboration and alignment across disciplines,” comments CA Technologies president Ayman Sayed.

The company says modern software factories should strive towards building better apps faster. Part of that means developers need the right tools and processes across the entire software development lifecycle.

It believes that DevSecOps can integrate tools and processes that foster better culture between development, security and operations teams, resulting in security that is a natural part of development and operations.

“In today’s security environment, it is critically important for security to be integrated seamlessly throughout the whole software development lifecycle. We are pleased to be able to provide CA customers with new tools that do just that across our CA Automic, CA Veracode, and Continuous Delivery portfolios," Sayed continues.

The company has also boosted its general DevOps portfolio to deliver on its promise of faster software development and delivery.

The company’s Continuous Delivery portfolio and CA Digital Experience Monitoring have both delivered new released that accelerate and automate development and release, improve testing and provide visibility into digital experiences.

“As companies increasingly conduct business through their APIs, web and mobile applications, their ability to grow and keep pace with the competitive rate of change of their markets depends on implementing modern DevOps practices and tools to ensure velocity, quality and efficiency across the entire software development lifecycle,” explains CA’s general manager of Continuous Delivery, Jeff Scheaffer.

CA has enhanced its testing solution CA BlazeMeter to include a lightweight SaaS-based API testing solution that is able to auto-generate and execute hundreds of test types concurrently.

CA Digital Experience Insights is a new SaaS-based digital experience monitoring and analytics solution that provides a holistic view of user experience, application performance and infrastructure management.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.