{"id":86340,"date":"2023-01-09T23:40:33","date_gmt":"2023-01-10T05:10:33","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=86340"},"modified":"2023-01-23T04:07:21","modified_gmt":"2023-01-23T09:37:21","slug":"devsecops-certified-expert-andreas-horn-interview","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/devsecops-certified-expert-andreas-horn-interview\/","title":{"rendered":"Let&#8217;s begin you career in DevSecOps | An Exclusive Interview with DevSecOps Certified Expert &#8211; Andreas Horn"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The term <\/span><b><a href=\"https:\/\/www.whizlabs.com\/devops-certifications\/\" target=\"_blank\" rel=\"noopener\">DevSecOps<\/a> <\/b><span style=\"font-weight: 400;\">stands for development, security, and operations terms and it refers to a development practice that incorporates security initiatives at each stage of the software development lifecycle for the delivery of the robust and secure applications.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The integration of the application and infrastructure security can be made easily with the Agile and DevOps tools and techniques after the advent of the DevSecOps.\u00a0 Whenever the security concerns emerge, the <span style=\"color: #003366;\"><strong>DevSecOps found to be <\/strong><\/span><\/span><span style=\"color: #003366;\"><strong>simpler, easier and less expensive to fix.\u00a0<\/strong><\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Why do you need to have a career in DevSecOps Certification?<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">As discussed earlier, advancements made in the IT industry and it significantly makes it easier to incorporate DevOps methods into app design but this kind of innovation does not attain its peak due to the advent of various compliance monitoring and security tools.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DevSecOps can transform security of the application and infrastructure from being primary security silos into shared responsibility of security, development and IT operations teams. It is made possible to release the software sooner as well as safer by the automation of the secured software supply without causing delays in the software development cycle after the usage of DevSecOps.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a result, various rapid application techniques tend to stack back by the inappropriate security measures. When this kind of situation emerges, then what\u2019s the usage of incorporation of DevOps methodology?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To get answers for those questions, Whizlabs interviewed the <span style=\"color: #003366;\"><strong>DevSecOps certified professional, Andreas Horn who has 8+ years of working in\u00a0 all aspects of the IT service business, including strategy, sales, financial management, planning, technical development, operations, and delivery management<\/strong><\/span>. We seek his guidance to learn more about DevSecOps as a subject and a profession and also his career trajectory in as DevSecOps.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">During the discussion, he discussed a lot more about his <span style=\"color: #003366;\"><strong>journey in DevSecOps, its certification path, skills required, preparation tips<\/strong><\/span> and so on.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Read ahead to know more about what he discussed with us and how to succeed in your career in DevSecOps.<\/span><\/p>\n<p><b>What is DevSecOps?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.\u00a0<\/span><\/p>\n<p><b>Can you describe your experience working with DevSecOps, how you got into this field?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">I started to work at IBM Consulting as an IT Consultant and switched early in my career into a project, where we used a lot of DevSecOps related practices.\u00a0<\/span><\/p>\n<p><b>First I started in a more agile role and later I switched over to engineering roles. How do you prioritize security within the development process?\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Building secure networks and applications is the number one priority and plays a key role in the whole lifecycle. From developing, testing, to the deployment. All employees get special training every year when it comes to the latest security aspects and features to consider. On top we have in our team security experts which help us to apply security frameworks etc.\u00a0<\/span><\/p>\n<p><b>Can you provide an example of a time when you had to balance the needs of development and security?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0My philosophy is that development and security need to go hand in hand.\u00a0<\/span><\/p>\n<p><b>How do you stay up to date on the latest security threats and trends?\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We have a threat detection center which gives out critical information when they occur. Moreover, I read daily news websites to understand if there are new vulnerabilities etc. (e.g. <\/span><a href=\"https:\/\/www.heise.de\/)\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">https:\/\/www.heise.de\/)<\/span><\/a><span style=\"font-weight: 400;\">.\u00a0<\/span><\/p>\n<p><b>Can you discuss the role of automation in your DevSecOps work?\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We try to automate as much as possible, with pipelines for example or IaaS. This helps against security issues but also increases productivity and efficiency.\u00a0<\/span><\/p>\n<p><b>Can you describe a specific challenge you faced while implementing DevSecOps, and how you overcame it?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">I see DevSecOps as a way to overcome challenges in general. DevSecOps is a toolbox of different ways to mitigate challenges.\u00a0<\/span><\/p>\n<p><b>Is it beneficial for small companies to adopt DevSecOps practices?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0100%, Everybody can benefit from it. Agile Management for example is even used in the smallest companies of our planet.\u00a0<\/span><\/p>\n<p><b>Can you give a example what happens if DevSecOps is not managed properly<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Not sure if I understand the question. If something is not managed well, it will lead to problems. It does not matter if it is a DSO or not.\u00a0<\/span><\/p>\n<p><b>What certification do I need for DevsecOps to start a career in DevsecOps?\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Practical experience is more important than any certification. There are many DSO roles. You want to be an agile coach (get a Scrum certificate), you want to be an architect (get hyper scale certification), you want to be an engineer (learn coding and do GitOps, Dev certifications) etc.<\/span><\/p>\n<h3>Summary<\/h3>\n<p><span style=\"font-weight: 400;\">In our intensive interview, Andreas Horn furnished a lot of information regarding the DevSecOps, benefits of DevSecOps, certification path in DevSecOps, preparation strategy, and so much more. It might helpful in enhance your skills and knowledge in the DevOps Career.<\/span><\/p>\n<p>Whizlabs furnish various study resources, practice tests and preparation guides and you can utilize it to know more information on DevOps. If you have any doubts in this blog, please feel free to comment us!<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The term DevSecOps stands for development, security, and operations terms and it refers to a development practice that incorporates security initiatives at each stage of the software development lifecycle for the delivery of the robust and secure applications. The integration of the application and infrastructure security can be made easily with the Agile and DevOps tools and techniques after the advent of the DevSecOps.\u00a0 Whenever the security concerns emerge, the DevSecOps found to be simpler, easier and less expensive to fix.\u00a0 Why do you need to have a career in DevSecOps Certification? As discussed earlier, advancements made in the IT [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":86356,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1862,2],"tags":[4966],"class_list":["post-86340","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","category-featured","tag-devsecops-interview"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",1280,720,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-150x150.webp",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-300x169.webp",300,169,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-768x432.webp",768,432,true],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-1024x576.webp",1024,576,true],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",1280,720,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",1280,720,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",24,14,false],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",48,27,false],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",96,54,false],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",150,84,false],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn.webp",300,169,false],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-250x250.webp",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-640x720.webp",640,720,true],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-96x96.webp",96,96,true],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/01\/Exclusive-Interview-with-DevSecOps-Certified-Expert-Andreas-Horn-150x84.webp",150,84,true]},"uagb_author_info":{"display_name":"Pavan Gumaste","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/pavan\/"},"uagb_comment_info":1,"uagb_excerpt":"The term DevSecOps stands for development, security, and operations terms and it refers to a development practice that incorporates security initiatives at each stage of the software development lifecycle for the delivery of the robust and secure applications. The integration of the application and infrastructure security can be made easily with the Agile and DevOps&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/86340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=86340"}],"version-history":[{"count":15,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/86340\/revisions"}],"predecessor-version":[{"id":86496,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/86340\/revisions\/86496"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/86356"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=86340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=86340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=86340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}