Cloud Native
New AWS Competency Category - Why It's Important
AWS DevOps competency recently added a new category, DevSecOps to its arsenal. Explore our overview of the category and why it matters to security and development teams building in the cloud.
What is AWS DevOps Competency Partners?
AWS DevOps Competency Partners are vendors vetted and selected by AWS that “have demonstrated expertise in delivering DevOps solutions on AWS.” According to AWS, these solutions include: software products to simplify provisioning and managing infrastructure, deploying application code, automating software release processes, monitoring application and infrastructure performance, and integrating security best practices, policies, and guardrails into CI/CD pipelines.
Why it matters to DevOps teams
DevSecOps is the newest category, joining Continuous Integration and Continuous Delivery, Monitoring, Logging, And Performance, and Infrastructure as Code. The goal of this category is to help customers find official AWS Partners with validated DevSecOps products. Essentially, you can trust that these vendors can help you build secure cloud applications by integrating security controls and policies early into your CI/CD pipelines.
To be considered a DevSecOps product in this new category, the vendor must provide multi-layered protection across all the stages of the development lifecycle. They must scan application code, infrastructure code, and cloud configurations to shore up any security standards or policy violations. Additionally, these products must monitor applications at runtime, conduct regular security testing, scan open source code dependencies and libraries to surface software supply chain vulnerabilities, and provide mitigation and remediation guidance.
As attacks targeting development pipelines, tools, and services increase, ensuring you have security implemented from the moment the code is committed is crucial. These requirements ensure customers will have the proper and most effective security from build time to runtime without slowing down development workflows. It also helps security teams meet strict and complex compliance requirements by providing insight early into the development process as well as auto-remediation for any found misconfigurations and other violations.
Trend Micro named a launch partner
To learn more about our inclusion as an AWS Partner for the DevSecOps category, watch the video below. You can also explore our platform offering designed for DevOps teams, Trend Micro Cloud One™, here.