While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept.
The truth is that DevOps has allowed for new features and applications to be rolled out at such speed that traditional security practices simply aren’t able to keep up. The other problem is that the security testing that does occur (e.g., penetration testing and code reviews), usually takes place towards the end of the DevOps lifecycle, which is often too late.
This is where DevSecOps comes in. The main idea behind DevSecOps is to incorporate security far earlier into the software lifecycle development process. Unfortunately, when speed is everything, developers are often reluctant to prioritize security – so how do you make DevSecOps stick with d ..
Support the originator by clicking the read the rest link below.
