Doing a little research: How many platform enginee...
# general
y
Doing a little research: How many platform engineering leads consider SDLC security to be an part of their responsibilities when building IDPs?
p
A must for us.
c
Security throughout the entire SDLC is a critical part of any engineering project, potentially more so on the platform than in any other component. In my last company we had a Security Engineering team and I met almost every day with the manager of that team to ensure we were in sync with all of our product development lifecycles.
y
So if there was an SDLC security platform that integrated into your IDP and provided end to the end security and user-centric experience would that be interesting? Would you be the buyer?
p
There is no shortage of tools in this space. And dev folks are very opiniated. The idp need to just expose the right tools to standardize etc.
y
I ask because I work with a company that was recently named Gartner Cool Vendor in Platform Engineering for Scaling AppSec Processes. Here in Israel a platform team is a relatively new role and I am trying to learn more about platform Engineering and how we add value
There are a lot of tools and siloed data - I’m referring to one layer above and actually curating the data and presenting it in context along with fix recommendations
Developers could still use the tools they like - because it is tool agnostic … but security would have visibility and know what risks are the most critical
It is a way to scale devsecops
Or at least that is the thought
Intentionally not mentioning the name of the company because I don’t want this to appear sales in any way.
p
Ya, exactly we have such a tool. For me specifically, I am not interested at this time.
y
Can I ask what you use?
p
Kaiburr
y
Thank you so much. Is that common?