Jeff Fairman is the Senior Vice President of the engineering team, working to develop and scale NowSecure’s enterprise mobile security solutions.
How does NowSecure fit in DevOps?
We’re able to embed security during the CI/CD process, as a part of the build process. We reduce the friction and time to get a release out. No longer are you testing at the end, and your security analyst is actually your friend. He’s not someone at the end that says, “Hey, you can’t release this thing.” You already know that.
What’s unique about NowSecure’s internal DevOps pipeline?
Technologically, we need to orchestrate many different aspects when we do analysis for mobile applications. Because we run on a real device, it’s a little bit trickier. We have an AWS platform perspective, but it’s got to be able to run on a device. So how do you mirror that thing up together? Well, it’s all about orchestration. We’ve created our own pipeline products internally that allow us to, just like a Jenkins, pipeline different aspects of jobs — to be able to compose and create an analysis for an app. It’s pretty cool technology. How do we make those outputs be the same, even though they’re deployed vastly different?
How does our own security fit in?
Another aspect of our stuff is security. DevOps people are what we would classically call a “secure DevOps” person. They’re very security-minded, and we’re installing our own security within our products and solutions.
How does NowSecure deliver at scale?
The way that we have orchestrated our products, it’s a very linear growth in the sense that with AWS, we’re able to grow at whatever we need from a docker container perspective. But our devices expand the same way. Traditionally companies have taken a fairly long time to produce an analysis for an app. With NowSecure, they are able to break down the job and get an analysis within 15 minutes on average. So it’s pretty impressive in terms of what we may be able to take a multi-day, multistep process and be able to collapse it into an analysis that can be completed in 15 minutes at scale. So the more customers we have, we just keep on adding devices. And we’re in the hundreds now.
NowSecure impact and the key value is that we can insert agile into the DevSecOps?
As a former CTO of brokerage, the key value here is that you’re able to get the analysis done during the build — the CI/CD phase of delivering an application, as opposed to waiting until the end, and getting a laundry list of things that need to go rework.
Create a secure streamlined development process with NowSecure
Get a free report today and experience the NowSecure difference.