In DevSecOps, security is the shared responsibility of everyone in the DevOps value chain. DevSecOps involves ongoing, flexible collaboration between development, release management (or operations), and security teams. In short, DevSecOps helps you maintain velocity without compromising security.
What Is DevOps?
Firstly, DevOps is an acronym, short for development (Dev) and operations (Ops). It is mainly the union of people, processes and technology to continually provide value to the business and their customers. It can also be its own department of engineers who posses hybrid skills that developers, network administrators and operations have.
Their main focus is to take the former siloed departments like development, IT operations, and quality engineering to collaborate and coordinate them into one. Their outcome should lead to a faster time to market, readily available systems, and more reliable products.
By adopting to DevOps practices and implementing their tools, teams gain the ability to better respond to customer needs, enable continuous feature integration, and increase confidence in the applications they produce.
Examples of DevOps practices would be:
- Continuous development
- Continuous testing
- Continuous integration (CI)
- Continuous delivery
- Continuous deployment (CD)
- Continuous monitoring
- Infrastructure as code
However, the problem in the past was that these practices allowed us to develop too fast, not run vulnerability scans, and not allow us to be security compliant. This allowed systems, resources, and code to have open vulnerabilities.
*** ***
#devops #devsecops #security
