DevSecOps, short for Development, Security, and Operations, is an approach that emphasizes the integration of security practices and principles into every stage of the software development lifecycle.
It aims to bridge the gap between development teams, security teams, and operations teams, fostering collaboration and shared responsibility for the security of software applications.
Traditionally, security has been an afterthought in the software development process, often leading to vulnerabilities and weaknesses that can be exploited by malicious actors. However, DevSecOps seeks to address this issue by embedding security into the very fabric of the development process.
In this Help Net Security round-up, we present excerpts from previously recorded videos featuring experts in the field. They share their knowledge and insights on the approach that merges development, security, and operations.
- Larry Maccherone, Leader in DevSecOps Transformation at Contrast Security, talks about the difficulties many organizations have with staffing a modern applications security program and how a different approach built around a concept of Dev-first security, or DevSecOps, can fundamentally change the math so it’s no longer insurmountable.
- Daniel Riedel, SVP Strategic Services at Copado, talks about what DevSecOps is, and how it impacts software development.
- Mark Troester, VP of Strategy, Progress, uncovers the true state of DevOps and DevSecOps adoption.