Story image

CA Technologies fosters stronger culture for DevSecOps processes

21 Nov 2017

CA Technologies is taking security to the early stages of software development with an expanded portfolio that concentrates on DevSecOps.

Gartner says DevSecOps has the ultimate goal of improving the overall security process by designing integrated controls. These controls do not undermine the agility and collaboration associated with DevOps.

“Simply layering standard security tools and processes onto the DevOps cycle won't work. Security checks, controls and testing need to be applied as automatically and transparently as feasible throughout the development, delivery and operation of applications.”

CA’s move into the DevSecOps process was made possible through the company’s acquisitions of Automic and Veracode.

CA Continuous Delivery SaaS brings complete visibility into DevOps planning and troubleshooting. It also provides a way for DevOps teams to remove manual processes in release planning and management.

CA’s integration with Veracode enables application security testing as part of the development process as it initiates checks through the development pipeline.

CA Automic Application Release Automation also speeds up deployment through an automated and agile back end that delivers more reliable code releases.

Companies that embrace DevSecOps deliver better and more-secure software because of the focus on collaboration and alignment across disciplines,” comments CA Technologies president Ayman Sayed.

The company says modern software factories should strive towards building better apps faster. Part of that means developers need the right tools and processes across the entire software development lifecycle.

It believes that DevSecOps can integrate tools and processes that foster better culture between development, security and operations teams, resulting in security that is a natural part of development and operations.

“In today’s security environment, it is critically important for security to be integrated seamlessly throughout the whole software development lifecycle. We are pleased to be able to provide CA customers with new tools that do just that across our CA Automic, CA Veracode, and Continuous Delivery portfolios," Sayed continues.

The company has also boosted its general DevOps portfolio to deliver on its promise of faster software development and delivery.

The company’s Continuous Delivery portfolio and CA Digital Experience Monitoring have both delivered new released that accelerate and automate development and release, improve testing and provide visibility into digital experiences.

“As companies increasingly conduct business through their APIs, web and mobile applications, their ability to grow and keep pace with the competitive rate of change of their markets depends on implementing modern DevOps practices and tools to ensure velocity, quality and efficiency across the entire software development lifecycle,” explains CA’s general manager of Continuous Delivery, Jeff Scheaffer.

CA has enhanced its testing solution CA BlazeMeter to include a lightweight SaaS-based API testing solution that is able to auto-generate and execute hundreds of test types concurrently.

CA Digital Experience Insights is a new SaaS-based digital experience monitoring and analytics solution that provides a holistic view of user experience, application performance and infrastructure management.

Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.