Cybersecurity expert Amital Ratzon calls it the next step in proactive security. This is a new movement in the cybersecurity field, where automated security checks and systems hardening are integrated into every software development and deployment stage. It is called SecValOps and is expected to follow in the footsteps of the DevSecOps movement.
“Just as DevSecOps integrated security into the start of the high-speed development of DevOps, SecValOps goes a step further, adding testing and validation to ensure that an organization’s security strategy can stay effective against today’s sophisticated cyberattacks,” Ratzon says.
Organizations are slowly acknowledging the importance of continuous security testing as they deal with the increasing aggressiveness and sophistication of cyber threats. SecValOps is new, but it appears to be the way to go, given the undeniable necessity for meticulous cybersecurity and continuous security validation and collaboration among cybersecurity teams.
SecValOps: The basics
SecValOps is a new approach for a new set of threats. With cybercriminals becoming more resourceful and peskily more unrelenting than ever, it is not enough to simply integrate security into the DevOps process. Testing the security controls baked into software projects or installed in an organization is also crucial. Hackers and other bad actors only need a few minutes of vulnerability to introduce ransomware and other malware in a network or inject malicious scripts into vulnerable codes.
