{"id":2883,"date":"2018-11-05T16:06:33","date_gmt":"2018-11-05T21:06:33","guid":{"rendered":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/?p=2883"},"modified":"2018-11-05T16:19:29","modified_gmt":"2018-11-05T21:19:29","slug":"development-security-practices","status":"publish","type":"post","link":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/","title":{"rendered":"Development Security Practices to Master for 2019 &#8211; With Twistlock"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2884\" src=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg\" alt=\"\" width=\"800\" height=\"400\" \/><\/p>\n<p style=\"text-align: justify\">DevOps has morphed significantly since its inception. Before, continuous delivery was prioritized over proper security. <a href=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/shift-security-left-devops\/\" target=\"_blank\" rel=\"noopener\">Development security practices<\/a> require a collective approach where everyone contributes. We talked with cloud native cybersecurity company, <a href=\"https:\/\/www.twistlock.com\/\" target=\"_blank\" rel=\"noopener\">Twistlock<\/a>, to learn their 2019 expectations of developers and security.<\/p>\n<h4 style=\"text-align: justify\"><strong>Last year, Twistlock predicted that developers would become more ingrained in the security element, specifically the CI processes. How did this shape out in 2018 and what can we expect as we move into 2019? What have you heard differently from developers?\u00a0<\/strong><\/h4>\n<h5 style=\"text-align: justify\"><strong>John Leon, VP of Business Development &amp; Strategic Alliances<\/strong><\/h5>\n<p style=\"text-align: justify\">DevOps to DevSecOps&#8230; It has become clear that the most successful enterprises effectively leverage technology for competitive advantage. They have created an organizational environment that balances speed of delivery with a cross-team responsibility for security. This trend will accelerate and become best practice in the enterprise as well as work its way into the mid-market. Development\u00a0teams have a better understanding\u00a0of the tools available to effectively build, ship, run, and secure application code. In the security side of the house as well.<\/p>\n<h5 style=\"text-align: justify\"><strong>Ben Bernstein, CEO<\/strong><\/h5>\n<p style=\"text-align: justify\">The process of developers being more ingrained in the security element is taking shape. Companies like JFrog, who developers know and love, are very successfully pitching the importance of hygiene of software, about how important it is to keep software up to date. Developers seem to pick on that. It\u2019s amazing to see that JFrog is now valued at more than a billion dollars, based chiefly on how well developers understand that message.<\/p>\n<h5 style=\"text-align: justify\"><strong>John Morello, CTO\u00a0<\/strong><\/h5>\n<p style=\"text-align: justify\">This prediction played out pretty much as expected.<span style=\"font-size: 1em\">\u00a0<\/span><span style=\"font-size: 1em\">In the early days, we had to do a lot of evangelism about the value in having security embedded in the development process.<\/span><span style=\"font-size: 1em\">\u00a0Today, though, we don\u2019t have to explain that, not only to customers already get it, they\u2019re usually asking for help doing it.\u00a0 The big shift is that most savvy developers realize that embedding security early actually makes their jobs easier so there\u2019s a personal motivation to do it, beyond the obvious security advantages.\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/improve-container-security\/\" target=\"_blank\" rel=\"noopener\">(Be sure to check out our earlier interview with John Morello)<\/a><\/p>\n<h5 style=\"text-align: justify\"><strong>Dima Stopel, VP of R&amp;D and Co-Founder<\/strong><\/h5>\n<p style=\"text-align: justify\">I think this trend exists indeed and it is very clear. Two forces push in this direction: first is that as part of the DevOps movement developers do more than just the development itself. They are in charge of the deployment and production environment as well. As part of this effort, they must be aware of security threats and be proactive to ensure a secure application. The second force is that security teams understand that their only way to reach good application security is through developers. They use application security tools to assess the security level of different applications but they must work with dev to fix\u00a0discovered problems. For example, Twistlock\u2019s Jenkins plugin that enforces only clean images being built and reports found issues to the developer that submitted the change, is one of the most popular features in Twistlock.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"msp-speedbump\" title=\"Download link to Managed Service Providers Buyers Guide\" href=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/managed-service-provider-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/07\/Managed-Service-Providers-Speedbump-1.jpg\" alt=\"Download Link to Managed Service Providers Buyers Guide\" width=\"771\" height=\"170\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>DevOps has morphed significantly since its inception. Before, continuous delivery was prioritized over proper security. Development security practices require a collective approach where everyone contributes. We talked with cloud native cybersecurity company, Twistlock, to learn their 2019 expectations of developers and security. Last year, Twistlock predicted that developers would become more ingrained in the security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2884,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[902,749,215],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Development Security Practices to Master for 2019 - With Twistlock<\/title>\n<meta name=\"description\" content=\"Last year, Twistlock predicted an increased security role for developers. They discuss development security practices to expect in 2019.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/\",\"url\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/\",\"name\":\"Development Security Practices to Master for 2019 - With Twistlock\",\"isPartOf\":{\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg\",\"datePublished\":\"2018-11-05T21:06:33+00:00\",\"dateModified\":\"2018-11-05T21:19:29+00:00\",\"author\":{\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"Last year, Twistlock predicted an increased security role for developers. They discuss development security practices to expect in 2019.\",\"breadcrumb\":{\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage\",\"url\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg\",\"contentUrl\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg\",\"width\":800,\"height\":400,\"caption\":\"development security practices\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Development Security Practices to Master for 2019 &#8211; With Twistlock\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#website\",\"url\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/\",\"name\":\"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions\",\"description\":\"Guides, Analysis and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\"],\"url\":\"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Development Security Practices to Master for 2019 - With Twistlock","description":"Last year, Twistlock predicted an increased security role for developers. They discuss development security practices to expect in 2019.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/","url":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/","name":"Development Security Practices to Master for 2019 - With Twistlock","isPartOf":{"@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#website"},"primaryImageOfPage":{"@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage"},"image":{"@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage"},"thumbnailUrl":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg","datePublished":"2018-11-05T21:06:33+00:00","dateModified":"2018-11-05T21:19:29+00:00","author":{"@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"Last year, Twistlock predicted an increased security role for developers. They discuss development security practices to expect in 2019.","breadcrumb":{"@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#primaryimage","url":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg","contentUrl":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/files\/2018\/11\/development-security.jpg","width":800,"height":400,"caption":"development security practices"},{"@type":"BreadcrumbList","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/development-security-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/"},{"@type":"ListItem","position":2,"name":"Development Security Practices to Master for 2019 &#8211; With Twistlock"}]},{"@type":"WebSite","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#website","url":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/","name":"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions","description":"Guides, Analysis and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud"],"url":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2883"}],"collection":[{"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/comments?post=2883"}],"version-history":[{"count":0,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2883\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/media\/2884"}],"wp:attachment":[{"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/media?parent=2883"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/categories?post=2883"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stg-solutionsreviewcom-staging.kinsta.cloud\/cloud-platforms\/wp-json\/wp\/v2\/tags?post=2883"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}