3.1 DevSecOps

Transitioning to a DevOps architecture or the cloud, and rebuilding applications require significant changes in technological oversight and resources. Changes to the development teams and internal procedures are required to provide the agility needed within a DevOps environment. Specifically, activities such as: 1) team members, roles and responsibilities need to be redefined, and 2) adopting new tools. In addition, incorporating security requirements and risk management practices within the DevOps lifecycle is important to address potential security threats.

Development, Security, and Operations (DevSecOps) integrates security requirements into the DevOps process. ...