Prioritize security hygiene before investing heavily in security

If you care about security start with security hygiene. 🛀

Here is how and why:

Too often people ask me about important security aspects like:

  • Container vulnerability scanning (in-cluster and in-CI/CD)
  • Intrusion detection

Unfortunately, these controls are useless without security hygiene: a finding or an alert that nobody acts on changes nothing.

  • ⚠️ Container vulnerabilities MUST lead to patching.
  • ⚠️ Intrusion detection MUST lead to someone investigating.

✨ So start with security hygiene first!

  1. Define clear scopes, so each team is empowered to improve security in their area of responsibility. Fully map your tech stack to teams, so that things “don’t fall between chairs”.
  2. Foster the right alerting culture. Each team must be empowered to tune alerts within their scope to find the right signal-to-noise ratio.
  3. Practice disaster recovery: any incident needs a way out. Give the team the confidence to make whatever updates are necessary for security and stability.
  4. Foster good maintenance habits, so security patching can actually happen.
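To make points 1, 2 and 4 concrete, here is a small added example (my own illustration, not code from the original post): scan findings are routed to the team that owns the image via an explicit scope map, only findings that have a fix and meet a severity threshold become patch tasks, unfixable ones go to a tracked backlog rather than paging anyone, and anything with no owner is surfaced separately so it cannot fall between chairs. The registry prefixes, team names, and the scanner report shape are assumptions; the findings are constructed, not real.

```python
"""Route container-scan findings to owning teams (added example, not from the post)."""
from collections import defaultdict

# Assumed scope map (point 1): every part of the tech stack maps to a team.
# Image prefixes and team names are made up for this illustration.
SCOPE_MAP = {
    "registry.example/payments/": "payments-team",
    "registry.example/web/": "web-team",
}

# Constructed scanner report; the field names only loosely resemble what
# real container scanners emit, and the finding IDs are placeholders.
SCAN_RESULTS = [
    {"image": "registry.example/payments/api:1.4", "pkg": "openssl",
     "id": "VULN-A", "severity": "CRITICAL", "fixed_version": "3.0.13"},
    {"image": "registry.example/payments/api:1.4", "pkg": "libc",
     "id": "VULN-B", "severity": "LOW", "fixed_version": None},
    {"image": "registry.example/web/frontend:2.0", "pkg": "curl",
     "id": "VULN-C", "severity": "HIGH", "fixed_version": "8.5.0"},
    {"image": "registry.example/legacy/cron:0.9", "pkg": "bash",
     "id": "VULN-D", "severity": "HIGH", "fixed_version": "5.2"},
]

# Point 2: the severity threshold is what a team tunes to control signal-to-noise.
PAGE_SEVERITIES = {"CRITICAL", "HIGH"}


def owner_of(image: str):
    """Return the owning team for an image, or None if no scope covers it."""
    for prefix, team in SCOPE_MAP.items():
        if image.startswith(prefix):
            return team
    return None


def route_findings(results):
    """Turn raw findings into per-team patch tasks.

    Returns (tasks, backlog, unowned):
      tasks   - {team: [actionable patch tasks]}: fix available and severity
                at or above the paging threshold (point 4: patching must happen)
      backlog - {team: [finding ids]}: tracked, but nobody is paged
                (no fix yet, or below threshold)
      unowned - findings on images no team owns; these are the ones that
                would otherwise "fall between chairs" (point 1)
    """
    tasks = defaultdict(list)
    backlog = defaultdict(list)
    unowned = []
    for f in results:
        team = owner_of(f["image"])
        if team is None:
            unowned.append(f)
            continue
        if f["fixed_version"] and f["severity"] in PAGE_SEVERITIES:
            tasks[team].append(
                f"{f['image']}: upgrade {f['pkg']} to {f['fixed_version']} ({f['id']})"
            )
        else:
            backlog[team].append(f["id"])
    return dict(tasks), dict(backlog), unowned


if __name__ == "__main__":
    tasks, backlog, unowned = route_findings(SCAN_RESULTS)
    for team, items in tasks.items():
        print(f"[{team}] patch now:")
        for item in items:
            print("   ", item)
    for team, ids in backlog.items():
        print(f"[{team}] tracked, not paged: {', '.join(ids)}")
    for f in unowned:
        print(f"[NO OWNER] {f['image']} {f['id']} -> assign a team before this is forgotten")
```

The useful output is not the list of vulnerabilities (the scanner already had that) but the "NO OWNER" line: that is the gap in the scope map that hygiene work fixes first.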

What about you?

Have you seen heavy investment in security without proper hygiene? Please share your story in the comments on this LinkedIn post.