DevSecOps is “development”, “security” and “operations” which is the current and upcoming practice of incorporating security at every phase of the SDLC(software development life cycle) rather than at the end of the lifecycle(whether it is done or not is another story! 🙂 This ensures that we have secure software and at a much more faster pace.
Before the advent of DevSecOps, programming was just programming. There was no thought of security at the time of coding. Security was always an after thought after the entire process. This slowed the entire lifecycle since finding and sealing vulnerabilities was a much more cumbersome process.
Now, with different and sophisticated types of attacks occurring quite frequently, good security practices have gained prominence. According to the OWASP Top 10 Web application security risks, a category called “Insecure design” has been created and is at fourth position. This indicates that risks due to design flaws are rising in prominence.
The practice of “DevSecOps” effectively seeks to close the vulnerabilities by adopting security practices as early as possible. It makes security a shared responsibility as part of the development and operations team as well.
This post is a part of Blogchatter Half Marathon 2023
Something new for me.