Whenever you visit our websites, information may be collected using cookies and similar tools to improve your user experience and to enhance the performance of the website.
Closing this message means you accept the use of cookies.
The Broad Adoption of Agile and DevOps Has Set the Stage for DevSecOps
Agile and DevOps Are in Lockstep
More Organizations Are Incorporating Security into Their DevOps Processes
DevSecOps Use Cases Span the Application Lifecycle
Pre-deployment Use Cases Focus on Vulnerability Management
Runtime Use Cases Focus on System Activity and Preventative Controls
Implementing DevSecOps Use Cases Requires Purposeful Security Controls
More Cloud-native Applications Will Be Covered via Secure DevOps Measures over…
The Bigger Truth
ESG Brief: The Expanding Role of DevSecOps Practices
ESG Brief
Jan 24, 2020
ESG conducted research in the fall of 2019 to examine the composition of cloud-native applications, explore the challenges associated with securing cloud-native environments, and gauge the emergence of secure DevOps programs, or “DevSecOps,” as a methodology to protect the lifecycle of modern applications. The number of organizations who have or plan to implement secure DevOps practices has grown appreciably since ESG’s similar study in 2017, leading to an expanded set of use cases and, over time, broader coverage of an organization’s footprint of cloud-native applications. DevSecOps, for the purposes of this ESG brief, is the automation of security via the integration of cybersecurity controls and processes in the continuous integration and continuous delivery (CI/CD) pipeline of DevOps.
Page Count: 5
Table of Contents
Abstract
The Broad Adoption of Agile and DevOps Has Set the Stage for DevSecOps
Agile and DevOps Are in Lockstep
More Organizations Are Incorporating Security into Their DevOps Processes
DevSecOps Use Cases Span the Application Lifecycle
Pre-deployment Use Cases Focus on Vulnerability Management
Runtime Use Cases Focus on System Activity and Preventative Controls
Implementing DevSecOps Use Cases Requires Purposeful Security Controls
More Cloud-native Applications Will Be Covered via Secure DevOps Measures over Time