Snyk Community

Cover image for 31 Days of Security Awareness in DevSecOps - DAY 8

31 Days of Security Awareness in DevSecOps - DAY 8

alyssamiller_905 profile image Alyssa Miller Updated on ・1 min read

In order to succeed in bringing security to DevOps, every stakeholder in the pipeline needs to feel enabled to execute security practices. Sure this means training and tooling are necessary, but so is credible accountability. Those executing security practices need to feel supported when mistakes are made, vulnerabilities are identified, or remediations fail. Shaming or basing performance appraisal on security performance will only lead to half-hearted execution and attempts to bypass security controls. Make sure your approach is co-operative and focused on realistic goals for continuous improvement, not perfection.

Feel free to add your thoughts & comments.

Discussion (0)

Forem Open with the Forem app