New DevSecOps fast-forwards security response, says AWS architect
Cloud used to be a hard sell to chief security officers. Now vendors like Amazon Web Services Inc. are bringing them around. Cloud can, in fact, strengthen data security and elevate CSOs from infrastructure to higher code and development levels, according to Bill Shinn (pictured), principal security solutions architect at AWS.
“You have DevOps and now you have DevSecOps,” Shinn said. DevSecOps enables security teams to operate with greater agility, he added. Once cloud abstracts away infrastructure plumbing and patching, they can move onto more advanced security tasks.
“They can focus more on their code quality, more on engineering principals,” Shinn stated.
Shinn spoke with Stu Miniman (@stu) and John Walls (@JohnWalls21), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during today’s AWS Summit in New York City. (* Disclosure below.)
AWS made several security announcements at the even. To start, Amazon Macie classifies data objects in AWS S3 storage with machine learning algorithms. “It has a very differentiated classification engine,” Shinn said. Topic modeling, regular expressions and a variety of other tools help identify data.
Is Macie AWS’s answer to Europe’s General Data Protection Regulation, which goes live next May? “If you’re moving data by European citizens around, you really have to understand that data. I think Macie will be a big part of a lot of customers’ strategy on GDPR,” Shinn said.
AWS also released Elastic File System Encryption that natively integrates with key management systems.
And, in response to customer demand, the company has issued a new iteration of CloudHSM — managed hardware security module. This allows customers to use their own encryption keys on the AWS cloud. The latest version features greater integration with other services and automation.
Engineers and CSOs switch hats
Automation such as that introduced in CloudHSM and other AWS services can advance customers deeper into DevSecOps, according to Shinn. AWS is increasingly talking with security organizations about DevOps tool chains, he added.
“If security can get those fast engineering principals down, then they’re just as responsive. It also puts security in the hands of engineers and developers,” Shinn concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS Summit. (* Disclosure: TheCUBE is an unpaid media partner for AWS Summit. Neither Amazon Web Services Inc. nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.