DevSecOps

From air
Revision as of 12:49, 8 March 2018 by Donsez (talk | contribs) (Created page with "''DevSecOps is about using the DevOps methodology for security. It’s about breaking the silos of security, giving that knowledge to the different teams, and ensuring that se...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

DevSecOps is about using the DevOps methodology for security. It’s about breaking the silos of security, giving that knowledge to the different teams, and ensuring that security is implemented at the right level and at the right time. DevSecOps puts security at the forefront of requirements to avoid the costly mistakes that comefrom treating security as an afterthought. Traditional security has always been about exclusion—for example, “need to know” and using the security policy to prevent people from disclosing secrets. DevSecOps is about promoting inclusion and working as a team.

From Francois Raynaud (in) on DevSecOps in https://www.computer.org/cms/Computer.org/computing-edge/ce-jan18-final.pdf