To ensure data and services are protected against attack, DevOps is evolving to incorporate cybersecurity practices across the lifecycle. Organizations need to take into account the fast-moving nature of continuous innovation, and a rapidly evolving and fragmented threat landscape: otherwise security can get in the way of delivery speed. DevSecOps seeks to quite literally insert security into the DevOps activity stream, reducing risk without creating bottlenecks or increasing cost.
This report sets out the thinking behind DevSecOps and explains how to protect data and services, assure privacy and trust, and remain compliant, without losing the ability to innovate and scale new software solutions. It is aimed at those decision-makers and security professionals that are facing the challenges of balancing security and innovation.