Professional Documents
Culture Documents
Is basically a security enabled DevOps. It is an early integration of security culture, tools and
practices into each phase of development and operations process
The whole emphasis is about how to bring security as part of Dev Sec Ops.
In short to say bring Dev Security and operations teams together and bringing the culture and
mindset for developers to have security first when they develop the code. To bring security to bring
from far right of the pipeline to let of the pipeline (Meaning to bring security to the initial stage of
SDLC).
The developer can fix the vulnerabilities much earlier with very minimal cost.
Advantages of DevSecOps
Important tool of DevSecOps is CICD (Continuous integration and Continuous Delivery) solution.
Plan and develop – capability that allows user stories, planning sprints and coding, source code
repository GitHub.
Build
The whole emphasis is about how to bring security as part of Dev Sec Ops.
In short to say bring Dev Security and operations teams together and bringing the culture and
mindset for developers to have security first when they develop the code. To bring security to bring
from far right of the pipeline to let of the pipeline (Meaning to bring security to the initial stage of
SDLC).
The developer can fix the vulnerabilities much earlier with very minimal cost.
The main concept is to automate the whole pipeline with security integration.