U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
To the security folks trying to learn about modern software engineering practices like CI, CD, microservices, etc: I implore you to *not* learn about them from other security folks. You'll miss the 'why' because you won't hear about what sw problems the practices worked to solve.
If you don't have senior software engineers that you can talk to and learn from, I recommend starting here:
https://www.amazon.com/Continuous-Delivery-Deployment-Automation-Addison-Wesley/dp/0321601912 … (@jezhumble, 2010).
Learn what engineering is try to do, why, and (knowingly) work with the grain vs. (unknowingly) against it.
In general, software engineering is all about managing complexity. Security almost always adds complexity. Learning how to add the right amount of security, in the right places, with minimal additional complexity is what most helps the product/business succeed.
Very true, but still funny to see the architectural monuments some are building to serve a hello world in the cloud. DLP, SOAR, API gateways, SIEM, CASB, and the list goes on and on. Mind you, that’s on top of what the CSP offers:)
The novice over-complicates, the expert simplifies :).
I do think it's probably okay to learn from folks who made the jump into security from those fields. But I'm biased as someone who did that :)
That's a good point and I agree. Because you learned the things from a DevOps vs. security perspective, you can explain to security people why those practices emerged.
What’s the best resource then?
See next tweet for the starting point that I recommend :).
Even starting somewhere as simple as the Phoenix Project or Unicorn Project helps highlight what security looks like from a DevOps perspective and reaffirms your point.
@acloudguru then helps with incrementally more challenges views into what developers know & believe.
For people that learn better from fictionalized narratives, I hear those two books are great :).
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
