DevSecOps

From MIT Technology Roadmapping
Jump to navigation Jump to search

DevSecOps is a software development method aims at delivering faster software results in a secure manner. Hence the name DevSecOps. To emphasize its grounding philosophy in managing the software creation workflow, its manifesto contains the following arguments:

Leaning in over Always Saying “No”
Data & Security Science over Fear, Uncertainty and Doubt
Open Contribution & Collaboration over Security-Only Requirements
Consumable Security Services with APIs over Mandated Security Controls & Paperwork
Business Driven Security Scores over Rubber Stamp Security
Red & Blue Team Exploit Testing over Relying on Scans & Theoretical Vulnerabilities
24x7 Proactive Security Monitoring over Reacting after being Informed of an Incident
Shared Threat Intelligence over Keeping Info to Ourselves
Compliance Operations over Clipboards & Checklists