Implementing DevSecOps in a Legacy Environment

It’s a myth that organizations with legacy systems cannot implement DevSecOps, says Md.Mahbubul Alam Rafel, head of information security at Prime Bank in Bangladesh.

“I am optimistic that legacy organizations can implement DevSecOps even if they do not have container application and microservice-based architecture. It is not necessary,” Rafel says in an interview with Information Security Media Group.

“To me, DevSecOps is a combination of culture, practice and tools. So we can adopt the combination of culture and practice first.”

In this interview with Information Security Media Group (see audio link below photo), Rafel also discusses:

  • How the concept of DevSecOps is maturing in Bangladesh;
  • The challenges of implementing DevSecOps;
  • The differences between application security and DevSecOps

As leader of the information security division of Prime Bank, Rafel focuses on delivering deep-dive security testing, implementing contextualized cyber solutions and uplifting cybersecurity specialists’ skills. He’s also a member of the bank’s digital transformation working group.

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips