Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
Settings
Settings
Dynamic quotes 
OFFON

4-Traders Homepage  >  Equities  >  Nasdaq  >  Cisco Systems    CSCO

CISCO SYSTEMS (CSCO)
Mes dernières consult.
Most popular
  Report  
SummaryQuotesChartsNewsAnalysisCalendarCompanyFinancialsConsensusRevisions 
News SummaryMost relevantAll newsSector newsTweets

DevSecOps: Security at the Speed of Business

share with twitter share with LinkedIn share with facebook
share via e-mail
0
02/15/2018 | 01:06am CET

[This is part two of a four-part blog series about DevSecOps.]

In Part One of this blog series DevSecOps - Win Win for All, we established a foundation for DevSecOps practices with our Cloud Security Manifesto. In Part 2 of this series, we will describe another key aspect of DevSecOps - developing security guardrails with a hands-on approach via Agile hackathons.

DevSecOps is about bridging DevOps workflows with Information Security (Infosec) Operations by embedding security as code during development, validation during testing and leveraging automation to run continuous operations. From many years in IT, we know that it's a good idea to first prove ideas manually before we automate. Agile security hackathon is how we bring in participants from relevant disciplines within Information Security and application teams to first go through a set of implementation steps to configure the most important security requirements - the guardrails. With the winter Olympics in progress, this is akin to the guardrails that help a gravity powered Bobsled go faster along iced tracks in a safe manner.

Defining Security Guardrails

The DevSecOps practice was built on Amazon's Web Services (AWS) platform as our first target environment. Security in AWS is a shared responsibility model. While AWS provides assurance around the physical security of their Data Centers and security of their service offerings, it is Cisco's responsibility to secure Cisco's offers hosted on AWS. It's important to ensure that controls are in place for administration of the environment, asset exposure to the internet, and that there is continuous visibility to the security posture to continuously detect and respond to any anomalies.

With these considerations, the following guardrails were prioritized for the hackathon.

[Attachment]

These guardrails enable the Cloud offering teams to confidently build and deploy their offers more quickly and demonstrates two key principles in our Manifesto - #1 'Collaborating to Securely Enable Business over Mandates' and #7 'Defense in Depth, Proactive Detection and Quick Recovery over Assumed Perfect Security.'

Agile Security Hackathon

There is a saying that 'while in Rome do as the Romans do'. For Infosec teams to embrace Security as Code, they need to do as Agile and DevOps teams do. That means bringing multiple functions within Information Security together to collaborate as one team and learn to build and operate iteratively delivering value with each iteration. This started with our Agile Security Hackathon where we brought together a dozen members from different parts of the InfoSec team with a few Cloud Offer teams to participate in a two day hackathon.

The hackathon runs as multiple sprints that take place concurrently, with four small three member teams. The sprints are 90 minutes long where the team implements one of the guardrails, tests them and documents the how-to. After each sprint, the entire team is given a 60 minute read-out along with the Product Owner issuing a definition of done when the guardrail meets all acceptance criteria and can be closed by the Scrum Master. The teams also cross validate the implementation of the guardrails. This helps the entire team be knowledgeable and support the users in true DevOps fashion. The sprints - readouts cycle repeats continuously throughout the day, and by end of each day, retrospectives are held to continually improve the hackathon experience and deliverables.

At the end of the first hackathon, the team delivered nine out of the 10 guardrails - success in our books for sure. We have since completed five hackathons and delivered on multiple use cases, and that's a sure sign of a new norm, a new culture.

[Attachment]

In the next part of our blog series, we will share more on how we automated the Guardrails delivering on a few more elements of our manifesto. Please stay tuned and in the meantime we welcome your comments.

Visit trust.cisco.com for more information on how we protect Cisco our customers and our solutions.


Tags:

Cisco Systems Inc. published this content on 14 February 2018 and is solely responsible for the information contained herein.
Distributed by Public, unedited and unaltered, on 15 February 2018 00:05:07 UTC.

share with twitter share with LinkedIn share with facebook
share via e-mail
0
Latest news on CISCO SYSTEMS
01:21aCISCO : Bringing Programmability and NetDevOps to Melbourne for #CLMel
PU
02/19MFR PART # : ISR4331/K9 Cisco Systems, Inc. Cisco ISR 4331 (3GE,2NIM,1SM,4G FLAS..
AQ
02/1970-- MFR PART # : ISR4331/K9 Cisco Systems, Inc. Cisco ISR 4331 (3GE,2NIM,1SM,4G..
AQ
02/19CISCO : A Leadership Formula in the Era of Disruption
PU
02/19CISCO : ZK Research Helps Mitigate IT and Business Decision Fatigue
PU
02/19CISCO : Avoid CX Disasters with These Three Digitization Strategies
PU
02/19#CISCOCHAT PODCAST : Larssen Champions CMX Business Use Cases
PU
02/19CISCO : Empowering New Orleans’ Youth with Digital Skills
PU
02/19CISCO : Have Your Cake and Eat it Too With Next-Generation Endpoint Security fro..
PU
02/19CLOUD UNFILTERED PODCAST, EPISODE 36 : Pete Johnson Explains the Cisco/Google Pa..
PU
More news
News from SeekingAlpha
02/16Analysts stick up for Arista; shares slide by record amount 
02/16Top 3 Dividend Aristocrats Of The Future 
02/15CISCO : Growth Arrives, Narrative Changes 
02/15Cisco hits 17-year high after beat, analyst target hikes 
02/15ARISTA NETWORKS : Buy This Stock On Negative Volatility 
Financials ($)
Sales 2018 49 105 M
EBIT 2018 15 282 M
Net income 2018 279 M
Finance 2018 34 597 M
Yield 2018 2,74%
P/E ratio 2018 -
P/E ratio 2019 18,67
EV / Sales 2018 3,76x
EV / Sales 2019 3,78x
Capitalization 219 B
Chart CISCO SYSTEMS
Duration : Period :
Cisco Systems Technical Analysis Chart | CSCO | US17275R1023 | 4-Traders
Technical analysis trends CISCO SYSTEMS
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 30
Average target price 47,5 $
Spread / Average Target 7,2%
EPS Revisions
Managers
NameTitle
Charles H. Robbins Chairman & Chief Executive Officer
Tiang Yew Tan Senior Vice President-Operations & Digital
Kelly A. Kramer Chief Financial Officer & Executive Vice President
Guillermo Diaz Chief Information Officer & Senior Vice President
Roderick C. McGeary Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
CISCO SYSTEMS9.90%217 915
QUALCOMM4.01%96 638
ERICSSON-0.20%22 647
ARISTA NETWORKS INC30.72%22 085
ZTE CORPORATION--.--%19 155
HARRIS CORPORATION9.40%18 473