Do a Google News search for “cybersecurity” and you will get tens of millions of results. Of course, that doesn’t mean there have been any cybersecurity incidents in the past few weeks or as many, but it definitely feels that way. The application supply chain is a primary target for this cyber attack onslaught, which is what makes DevSecOps – integrating app security into end-to-end development – so critical. In fact, the Pentagon’s new IT modernization strategy will be based in part on the new DevSecOps 2.0 guidelines.

There is DevOps plus security and then there is DevSecOps. What is the difference? In the first case, safety is a third wheel. In the second, it is the third leg of the stool – an integral part of the system that is barely noticeable until it disappears. To be effective, security must be everywhere – throughout the pipeline used to build and deploy, as well as at runtime …


Source link

Leave a Reply