Application Security , Next-Generation Technologies & Secure Development , Video

Snyk's Iain Rose on How to Secure Cloud-Native Environments

Rose on Why Apps and Dev Workflows Must Embrace the Cloud's Rapid Rate of Change
Iain Rose, solutions engineer, Snyk

Organizations should build apps and design development workflows in a way that embraces how quickly cloud-native architectures change, says Snyk Solutions Engineer Iain Rose.

See Also: Secure Your Azure Environment

Unlike traditional on-premises environments, which have infrastructure that is patched, maintained and supported by an operations team, containerized applications are designed to be ephemeral, Rose says. As a result, applications requiring changes in a cloud environments are simply discarded and quickly replaced by a new version without the issue at hand, according to Rose (see: Snyk Engineer on the Rift Between Developers, Security Teams).

"Rather than developers just being responsible for the code they write or the selection of open-source libraries that they use to support their applications, they're also maintaining the operating system the applications are running on," Rose says. "Everything in there from the application to any libraries that the operating system needs to support it are now being maintained by the developers."

In this video interview with Information Security Media Group, Rose also discusses:

  • The biggest challenges to getting developers trained around security;
  • How modern tools embed security within the development life cycle;
  • Best practices to bridge the divide between development and security teams.

Before joining Snyk as a solutions engineer in December 2020, Rose worked as a software development engineer for BC Ferries, a solutions architect at Chef Software, and a software engineer and senior product manager at xMatters. Prior to that, Rose spent over four years as a quality assurance manager at Electronic Arts and two years at Telus doing quality assurance and development work.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.