THE speed versus security challenge
DevOps is all about making the development process more efficient. But that often leads to a conflict between developers and security teams who have put their effort into securing production and dev processes without harming their efficiency. When it comes to hardening the container’s host without damaging production, current deployment tools and techniques have proved to be costly, repetitive, complicated and slow – mainly for two reasons:
DOWNTIME AND TESTING REQUIREMENTS
While using manual hardening methods or familiar configuration management tools, the hardening process may affect the host or application’s functionality and cause downtime. In order to prevent downtime, DevOps spends long hours testing configuration changes in lab environments before deploying them to production environments.
The authorization of multiple privileged users in an enterprise environment makes it difficult to ensure that systems remain locked down, thus requiring DevOps teams to repeat the hardening process on a regular basis.