Our Engineers and Devs have learned a great deal during the short time they've been afforded access to the multitude of resources housed within the virtual walls of Cybrary Business
. Many solution integrators would probably agree, embarking on a voyage into the next generation of IT is an endeavor fraught with paradoxes. If I make the system open, it will be more vulnerable. If I more fully document features, there's less time for enhancement. If I delay a release, my competitor may launch an idea before I do. And the cycle continues. Whenever we evaluate our clients' desired business outcome, we inevitably arrive at one of these paradoxes. Over time, I have discovered that the Cyber-security community and the traditional Dev community are more likely to be allies than they are foes. In our organization, we have moved these talented creative beings as close as possible and the outcome has been tremendous. In a recent project, we had a team struggling to accomplish an integration between multiple client systems, while deploying an NFV solution. While much of the technological aspects of the solution were relatively well documented and nothing incredibly novel was being deployed; the challenge to integrate and test multiple authentications, and logging and regression mechanisms were daunting for a small Dev team, with very little background in exploits, application security, etc. Fortunately, the Cyber-security folks and the Developers found that in most cases, they spoke the very same language, in the very same vernacular and could quickly share and prioritize tasks without the typical overhead associated with vulnerability mapping and application hardening processes. What resulted was a streamlined testing and release schedule for features.Our client ended up with a fully functional and validated solution, mutually backed by both Cyber-security SME's and Sr. Developers alike. The outcome was easy to monetize. Predictable sprints, coupled with integrated security focused testing and release schedule, accommodated more time for creative thought and experimentation. e.g. "They got more for their money". The bonus for us resulted in us getting to pick up a new backcronym during the process. We now fully appreciate the term "DevSecOps".