* [Blog](https://www.paloaltonetworks.com/blog)
* [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/)
* [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/)
* From 'DevOps vs. SecOps' ...

# From 'DevOps vs. SecOps' to DevSecOps

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdevops-vs-secops-devsecops%2F)  
[](https://twitter.com/share?text=From+%E2%80%98DevOps+vs.+SecOps%E2%80%99+to+DevSecOps&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdevops-vs-secops-devsecops%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdevops-vs-secops-devsecops%2F&title=From+%E2%80%98DevOps+vs.+SecOps%E2%80%99+to+DevSecOps&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/cloud-security/devops-vs-secops-devsecops/&ts=markdown)  
\[\](mailto:?subject=From ‘DevOps vs. SecOps’ to DevSecOps)  
Link copied  
By [Ben Collen, Director, Network and Security, DHI Group](https://www.paloaltonetworks.com/blog/author/ben-collen-director-network-and-security-dhi-group/?ts=markdown "Posts by Ben Collen, Director, Network and Security, DHI Group") and [Adrian Chan](https://www.paloaltonetworks.com/blog/author/adrian-chan/?ts=markdown "Posts by Adrian Chan")  
Aug 08, 2019  
4 minutes  
[DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)  
[Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)  
[AWS](https://www.paloaltonetworks.com/blog/tag/aws/?ts=markdown)  
[Prisma Public Cloud](https://www.paloaltonetworks.com/blog/tag/prisma-public-cloud/?ts=markdown)

[DHI Group](https://www.dhigroupinc.com/home-page/default.aspx) runs 100% in AWS. We provide a job recruiting platform for technical candidates and businesses in the United States as well as Europe and Asia-Pacific. AWS helps us deliver features to customers more quickly and reduce data center costs.

When I joined the company about two years ago, we were at the end of a three-year AWS migration plan. Our development teams were operating in a "free-for-all" state, building anything they wanted, however they wanted, with little security oversight. The attitude was simple: "Security is not my responsibility -- that's for the security team!"

The security team tried to implement guardrails to keep DevOps in check using a configuration monitoring tool along with another point tool that handled flow log analysis and network alerting. So many alerts were generated that it was nearly impossible to use them to draw meaningful conclusions and prioritize remediation. Ultimately, security was overcome by "alert fatigue," and the point products caused more harm than good.

**A Better Way: Enter Prisma Cloud**

We sought a replacement that combined configuration analysis and network analysis -- and more importantly, data correlation and context -- to reduce the number of security alerts and allow the security team to prioritize threats that really matter. We chose Prisma Cloud after reviewing several products. It's easy to deploy, agentless and took just 5 to 10 minutes to set up and get running.

Here's why we picked Prisma Cloud:

Catalyst to Cultural Transformation

In the past, when something would break, it was difficult and time-consuming for DevOps to track down what went wrong. Prisma Cloud's AWS CloudTrail history allows DevOps to easily identify exactly what changed, when it changed and who changed it.

**Changing Bad Habits**

Most of our developers and engineers didn't know much about configuring AWS securely. Prisma Cloud enabled us to clearly communicate our standards across the organization through its guided, automated remediation capabilities. That allows developers to "learn as they go" without feeling they were doing extra work.

**Instilling Community**

DHI's developers are spread across the globe. While the security team has good relationships with developers who work alongside us in our home office, we had very little contact developers working remotely and in branch offices. This made it nearly impossible to enforce security standards. The culture shifted after we implemented Prisma Cloud. We now have security chat rooms where teams can share best practices and ask for help in real time.

Prisma Cloud has helped reduce the volume of required follow up activity. There's a sense of accountability. Developers know that if they don't build securely in AWS, they will be required to go back and fix their mistakes. I can confidently say that security is no longer an afterthought. We've been able to "shift left" and bake security into the development process.

**Outcomes**

We achieved security and business improvements after moving to Prisma Cloud. Here are three significant ones:

1. **Winning Trust With Stakeholders: When I talk to the board of directors, they want to know about breaches across our industry, exposed S3 buckets or other vulnerabilities that are reported. They ask me if we are protected against such issues and how we would know if we were affected. Prisma Cloud makes it easy for me to demonstrate that we have visibility into these resources and would know almost instantly in the event of an exposure.**
2. Maintaining Continuous Security Posture: In the past, our security posture was always continually getting worse. As we built more in AWS, we were slowly digging ourselves into a bigger security hole. Now, we fix problems as they arise. It's a "clean as we go" mentality.
3. Enabling Security Automation: When you start building infrastructure as code, you quickly see the security issues that arise. Your first question then becomes, "How do we automate the remediation of these?" Implementing a tool like Prisma Cloud will be your first step in enabling an automated cloud security strategy.

**When Dev and Sec Teams Unite**

I have watched our company culture transform over two years. The security team went from being siloed and excluded from engineering and architecture discussions to being a critical part of those discussions and, in some cases, leading them.

My belief is that there is pretty much always a way to build something securely, and I hesitate to ever say no to anything. Prisma Cloud provides the visibility and actionable intelligence required to protect your cloud data and your business.

***Want to try it out yourself? Sign up for a*** [***30-Day Free Trial***](https://marketplace.paloaltonetworks.com/s/product-rdl?utm_medium=social_media&utm_source=socialwave)***.***

*** ** * ** ***

## Related Blogs

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Prisma Cloud Native Security Platform Embeds Security into DevOps Lifecycle](https://www.paloaltonetworks.com/blog/cloud-security/cloud-native-security-platform-2/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Seven Guiding Principles to Selecting the Right Cloud Security Solution](https://www.paloaltonetworks.com/blog/2019/07/seven-guiding-principles-selecting-right-cloud-security-solution/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### How Western Asset Management Is Mitigating Cloud Threats](https://www.paloaltonetworks.com/blog/2019/07/western-asset-management-mitigating-cloud-threats/)

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Top 3 IAM Risks in Your GitHub Organization](https://www.paloaltonetworks.com/blog/cloud-security/prevent-inadequate-iam-github-organization/)

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### ChatGPT and Checkov: Fix IaC Security Issues Fast](https://www.paloaltonetworks.com/blog/cloud-security/chatgpt-checkov-iac-security/)

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### How To Prevent the 5 Most Common Software Supply Chain Weaknesses](https://www.paloaltonetworks.com/blog/cloud-security/common-software-supply-chain-weaknesses/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language