What Are DevSecOps?

DevSecOps has emerged as an enterprise application development best practice that embraces the inherent agility benefits of DevOps, but recognizes that the security organization needs to be integrated as an early participant in the DevOps process.

Building on the DevOps process, DevSecOps involves creating a collaborative and flexible culture between release engineers and security teams as well as on the mindset of everyone being responsible for security while distributing security decisions as quickly as possible without sacrificing the safety required. Focused on creating new solutions for complex software development in an agile framework, its goal is to bridge gaps between IT and security while ensuring fast and safe code delivery.

The process is designed to increase communication and share responsibility around data security through all phases of the delivery process. Security testing is done in iterations without slowing down delivery, while any identified security issues are dealt with as they are identified throughout the development process and not after a threat or compromise has happened.