DevSecOps
Jump to navigation
Jump to search
DevSecOps is a software development method aims at delivering faster software results in a secure manner. Hence the name DevSecOps. To emphasize its grounding philosophy in managing the software creation workflow, its manifesto contains the following arguments:
Leaning in over Always Saying “No” Data & Security Science over Fear, Uncertainty and Doubt Open Contribution & Collaboration over Security-Only Requirements Consumable Security Services with APIs over Mandated Security Controls & Paperwork Business Driven Security Scores over Rubber Stamp Security Red & Blue Team Exploit Testing over Relying on Scans & Theoretical Vulnerabilities 24x7 Proactive Security Monitoring over Reacting after being Informed of an Incident Shared Threat Intelligence over Keeping Info to Ourselves Compliance Operations over Clipboards & Checklists