Visible Ops Security - 2nd Edition

“This second edition leverages the four phases laid out in the first edition, taking into account the state of today’s IT environment. The core concepts are just as valid today as they were five years ago.” Scott Alldridge, President, IT Process Institute

Visible Ops Security addresses the people side of IT, empowering security to work with operations teams to achieve closely aligned objectives and with development and release teams to integrate security requirements into pre-production work.

The Visible Ops Security methodology helps IT organizations move beyond a focus on technology to address the core operational aspects of security. It promotes effective teamwork, which helps security professionals ensure that security is built into key development and production processes.

Who should read it?

Visible Ops Security guides information security professionals in strengthening relationships with IT operations and development groups to advance IT objectives and business goals. This book provides all security and IT operations professionals a solid approach to meeting security goals by working with and through other functional groups within IT.


When information security sufficiently integrates into IT operations, both groups can better manage risks, and meet operational commitments.

Phase 1 – Stabilize the patient and get plugged into production: Integrate information security into daily IT operations to more effectively manage both information security and operational risks. Both groups will stop undoing each other’s work.

Phase 2 – Find business risk and fix fragile artifacts: Identify the greatest business risks, discover critical IT functionality, and ensure controls are adequate.

Phase 3 – Implement development and release controls: Move upstream in the software life-cycle to get security involved in development, project management, and release management functions

Phase 4 – Enable continual improvement: For each phase and task, implement metrics that help assess the short-term progress and long-term health of the various processes and controls.

What Readers Are Saying

“Provides clear and compelling guidance”

“Many groundbreaking insights”

“The information security playbook for reaching common business goals”

“An essential companion to The Visible Ops Handbook”