1. Home
  2. DevSecOps

DevSecOps

DevSecOps stands for development, security, and operations. It’s an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.

DevSecOps means thinking about application and infrastructure security from the start. It also means automating some security gates to keep the DevOps workflow from slowing down. Selecting the right tools to continuously integrate security, like agreeing on an Integrated Development Environment (IDE) with security features, can help meet these goals. However, effective DevOps security requires more than new tools. It builds on the cultural changes of DevOps to integrate the work of security teams sooner rather than later.

This practice of prioritizing security from the earliest stages of planning and development throughout runtime is often referred to as shift left and shift right security. Implementing and automating DevSecOps with a shift left approach provides developer-friendly guardrails that can decrease user error at build and deploy stages and protect workloads at runtime. To shift right is to continue the practice of testing, quality assurance, and performance evaluation in a post-production environment.