DevSecOps trends in 2021

  1. Security and quality are the last two major silos in technical organizations. Data used to be a silo, but that’s changing. Security can’t scale if it’s siloed. Thus, the only option is to go mainstream.
  2. Security engineers are on the rise, and they’re becoming important buyers of software. Security engineers should join Platform Engineering teams and set standards for security across the org.
  3. Security tools need to focus on developer productivity. Developers want to ship new features fast. Security can only be a byproduct of this goal. The best products combine security & developer productivity.
  4. Supply chain security is a top priority. Data privacy is a top priority. Fixing misconfigurations is a top priority. All are areas where developers and security can work together in 2021.
  5. Discovery of vulnerabilities is pretty commoditized. The scanner is commoditized. However, build a single pane of glass for all alerts and prioritize them within the developer workflow. Workflow is everything.
  6. Security will shift farther left in the software development lifecycle. The earlier the better for developers. What other security measures can be added within the IDE? What more can be added at commit?
  7. There is still a cultural clash between security and developers, but startups are closing this. Security is UI-focused, closed-source, expensive, top-down sale. Developers are open source, API-first, CLI-first, simple to deploy.
  8. Our goal in the future is never to touch production. We don’t want to interrogate systems. We want to interrogate code. We want prior knowledge of all our assets and their vulnerabilities.
  9. Security should encourage killing instances instead of fixing them. This is easier than blasting tickets to everyone.
  10. We want to delete more code in 2021. If we delete code that we’re not using, we don’t have to patch it. Hopefully this is a win for everyone.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Renee Shah

Renee Shah

Partner at Amplify Partners focused on infra, dev tools, and security