{"id":63143,"date":"2022-03-24T09:00:38","date_gmt":"2022-03-24T09:00:38","guid":{"rendered":"https:\/\/www.cryptocabaret.com\/?p=63143"},"modified":"2022-03-24T09:00:38","modified_gmt":"2022-03-24T09:00:38","slug":"a-guide-to-implementing-devsecops","status":"publish","type":"post","link":"https:\/\/www.cryptocabaret.com\/?p=63143","title":{"rendered":"A guide to implementing DevSecOps"},"content":{"rendered":"<p><span class=\"field field--name-title field--type-string field--label-hidden\">A guide to implementing DevSecOps<\/span><br \/>\n<span class=\"field field--name-uid field--type-entity-reference field--label-hidden\"><a title=\"View user profile.\" href=\"https:\/\/opensource.com\/users\/willkelly\" class=\"username\">Will Kelly<\/a><\/span><br \/>\n<span class=\"field field--name-created field--type-created field--label-hidden\">Thu, 03\/24\/2022 &#8211; 03:01<\/span><\/p>\n<div data-drupal-selector=\"rate-node-69756\" class=\"rate-widget-thumbs-up\">\n<div class=\"rate-thumbs-up-btn-up rate-thumbs-up-btn-up vote-pending\">Up<\/div>\n<div class=\"rate-score\"><a href=\"https:\/\/opensource.com\/user\/register?absolute=1\">Register<\/a> or <a href=\"https:\/\/opensource.com\/user\/login?current=\/rss.xml&amp;absolute=1\">Login<\/a> to like.<\/div>\n<\/div>\n<div class=\"clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item\">\n<p>DevSecOps adoption offers your enterprise improved security, compliance, and even competitive advantages as it faces new threat vectors, a new world of work, and demanding customers. It&#8217;s only a matter of time before DevSecOps subsumes DevOps because it offers the same core practices but adds a security focus to each phase of the development lifecycle.<\/p>\n<p>In this new <a href=\"https:\/\/opensource.com\/downloads\/guide-implementing-devsecops\">eBook<\/a>, I take a phased approach to DevSecOps transformation. While the eBook targets readers already familiar with DevOps practices, you can still use it to chart your course from a legacy software development life cycle (SDLC) straight to DevSecOps.<\/p>\n<\/p>\n<div class=\"embedded-resource-list callout-float-right\">\n<div class=\"field field--name-title field--type-string field--label-hidden field__item\">More DevOps resources<\/div>\n<div class=\"field field--name-links field--type-link field--label-hidden field__items\">\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/resources\/devops?intcmp=7013a00000263HlAAI\">What is DevOps?<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/downloads\/devops-hiring-guide?intcmp=7013a00000263HlAAI\">The ultimate DevOps hiring guide<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/downloads\/devops-monitoring-guide?intcmp=7013a00000263HlAAI\">DevOps monitoring tools guide<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/downloads\/guide-implementing-devsecops?intcmp=7013a00000263HlAAI\">A guide to implementing DevSecOps<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/enterprisersproject.com\/cheat-sheet-devops-glossary?intcmp=7013a00000263HlAAI\">Download the DevOps glossary<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/www.ansible.com\/resources\/ebooks\/ansible-for-devops?intcmp=7013a00000263HlAAI\">eBook: Ansible for DevOps<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/tags\/devops?intcmp=7013a00000263HlAAI\">Latest DevOps articles<\/a><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<h2>Getting to know DevSecOps<\/h2>\n<p>DevSecOps incorporates security in every stage of the cycle while preserving the best qualities of DevOps. It knocks down the silos between your development, security, and operations teams. Benefits of DevSecOps include:<\/p>\n<ul>\n<li>Prevention of security incidents before they happen: By integrating DevSecOps within your CI\/CD toolchain, you help your teams detect and resolve issues before they occur in production.<\/li>\n<li>Faster response to security issues: DevSecOps increases your security focus through continuous assessments while giving you actionable data to make informed decisions about the security posture of apps in development and whether they are ready to enter production.<\/li>\n<li>Accelerated feature velocity: DevSecOps teams have the data and tools to mitigate unforeseen risks better.<\/li>\n<li>Lower security budget: DevSecOps enables streamlined resources, solutions, and processes, simplifying the development lifecycle.<\/li>\n<\/ul>\n<p>This eBook breaks down the DevOps and DevSecOps transformation into a framework your enterprise can follow to integrate more security into CI\/CD pipelines and the organizational culture.<\/p>\n<h2>Embracing the DevOps to DevSecOps transformation<\/h2>\n<p>Moving from DevOps to DevSecOps is a fundamental transformation for your entire organization. DevSecOps will change your culture as continuous feedback, team autonomy, and training promote a new way of working for your technical staff.<\/p>\n<p>In fact, you also should <a href=\"https:\/\/opensource.com\/article\/22\/2\/involve-people-who-dont-code-devops\">account for non-coders<\/a> such as your sales and marketing teams in your transformation, as DevSecOps provides stakeholders with even more data and reporting than you could offer them with DevOps. For example, a move to DevSecOps enables your salespeople to tell a powerful security and compliance story.<\/p>\n<p>While you may have introduced automation through your DevOps journey, a DevSecOps transformation takes it up a notch. You&#8217;ll need to bring your culture along with that change. The developers, cybersecurity specialists, and stakeholders will feel the changes from the increased automation that comes from the DevSecOps transformation.<\/p>\n<p>This eBook also walks you through a DevSecOps maturity model that provides another way to chart your organization&#8217;s journey. Like DevOps, DevSecOps brings a need for collaboration and iteration to continuously improve your tools and processes.<\/p>\n<h2>Start your DevSecOps transformation now<\/h2>\n<p>Get started on your DevOps to DevSecOps transformation with this new eBook. Face your DevSecOps shift with confidence as your organization&#8217;s processes mature. In addition to this eBook, Opensource.com has published several informative articles about DevOps and DevSecOps practices that provide additional insights and learning.<\/p>\n<h2><a href=\"https:\/\/opensource.com\/downloads\/guide-implementing-devsecops\"><strong>Download now: A guide to implementing DevSecOps<\/strong><\/a><\/h2>\n<\/div>\n<div class=\"clearfix text-formatted field field--name-field-article-subhead field--type-text-long field--label-hidden field__item\">\n<p>This downloadable guide helps you chart a course through your organization&#8217;s DevOps to DevSecOps transformation.<\/p>\n<\/div>\n<div class=\"field field--name-field-lead-image field--type-entity-reference field--label-hidden field__item\">\n<article class=\"media media--type-image media--view-mode-caption\">\n<div class=\"field field--name-field-media-image field--type-image field--label-hidden field__item\">  <img decoding=\"async\" src=\"https:\/\/www.cryptocabaret.com\/wp-content\/uploads\/2022\/03\/devops_confusion_wall_questions.png\" width=\"1040\" height=\"584\" alt=\"Brick wall between two people, a developer and an operations manager\" title=\"Brick wall between two people, a developer and an operations manager\" loading=\"lazy\"><\/div>\n<\/article>\n<\/div>\n<div class=\"field field--name-field-tags field--type-entity-reference field--label-hidden field__items\">\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/tags\/devops\" hreflang=\"en\">DevOps<\/a><\/div>\n<div class=\"field__item\"><a href=\"https:\/\/opensource.com\/tags\/security-and-privacy\" hreflang=\"en\">Security and privacy<\/a><\/div>\n<\/p><\/div>\n<div class=\"hidden field field--name-field-listicle-title field--type-string field--label-hidden field__item\">What to read next<\/div>\n<div class=\"field field--name-field-default-license field--type-list-string field--label-hidden field__item\"><a rel=\"license\" href=\"http:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/\"><br \/>\n        <img decoding=\"async\" alt=\"Creative Commons License\" src=\"https:\/\/www.cryptocabaret.com\/wp-content\/uploads\/2022\/03\/cc-by-sa--10.png\" title=\"This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.\"><\/a>This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.<\/div>\n<section class=\"field field--name-field-comments field--type-comment field--label-hidden comment-wrapper\">\n<div class=\"comments__count\">\n<div class=\"login\"><a href=\"https:\/\/opensource.com\/user\/register?absolute=1\">Register<\/a> or <a href=\"https:\/\/opensource.com\/user\/login?current=\/rss.xml&amp;absolute=1\">Login<\/a> to post a comment.<\/div>\n<\/p><\/div>\n<\/section>\n<p class=\"wpematico_credit\"><small>Powered by <a href=\"http:\/\/www.wpematico.com\" target=\"_blank\" rel=\"noopener\">WPeMatico<\/a><\/small><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A guide to implementing DevSecOps Will Kelly Thu, 03\/24\/2022 &#8211; 03:01 Up Register or Login to like. DevSecOps adoption offers your enterprise improved security, compliance, and even competitive advantages as it faces new threat vectors, a new world of work, and demanding customers. It&#8217;s only a matter of time before DevSecOps subsumes DevOps because it [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":63144,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[307],"tags":[],"class_list":["post-63143","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-open-source"],"_links":{"self":[{"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/posts\/63143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=63143"}],"version-history":[{"count":0,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/posts\/63143\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=\/wp\/v2\/media\/63144"}],"wp:attachment":[{"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=63143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=63143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cryptocabaret.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=63143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}