Orchestration tools are part of the lifeblood of any DevOps team and are picking up steam across all industries. DevOps methods are becoming the preferred software development technique. While this shift undoubtedly brings countless perks, it also provides a whole new set of concerns.
With great power comes great responsibility. One of our 4 principles of Lean Security is Awareness. Understanding your assets and the potential threats is part of any good risk management program.
Unfortunately, many organizations jump head-in with implementing tools like Chef, Puppet or Ansible without considering the potential security ramifications. These tools themselves are not the risk. The risk comes to those organizations that implement such powerful tools without considering and accounting for the potential downsides.
So why hasn’t every enterprise adopted this Lean Security mindset? Read the full article at CSO