What are the best practices for network security for an internal development env

Question

What are the best practices for network security for an internal development environment. Besides adhering to updates, antivirus, and firewall.

For instance, is it recommended to use an IDS/IPS like Snort? Should you be whitelisting outgoing ports? Developers often needs access to a variety of resources, especially for testing purposes.

What kind of security controls are often overlooked in these type of environments?

I know this is a very broad question, so any and all answers are appreciated.

EDIT: The network is an internet connected LAN.

Explanation / Answer

Yes, follow a iSMS such as ISO 27002, PCI DSS, Visible Ops Security, or similar.

Overlooked controls include 2FA authentication and TLS protection of developer repos (e.g., GitLab, Subversion, Atlassian, Perforce, et al) that conform to SSL Labs criteria, as well as other components of Application Lifecycle Management (ALM), such as tools for bugtracking, code documentation, code review, collaboration, et al. API keys are always at risk: developers accidentally leave these in their code, .git/.svn folders, etc. Be aware, have backups, and have a backup plan when all else fails.

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.