DevSecOps

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

Development, Security, Operations is like DevOps, except that a security layer if placed between Development and Operations.

Context

This particular morph of DevOps seems to have originated in the US DoD to solve problems like Solar Winds where Developers can place code directly into operations without a security check first.

  • The DoD Repo One was created to enable any development org to create app that could run on Platform One

Solutions

  • DoD Enterprise DevSecOps Initiative (DSOP)
    The DSOP is joint effort of the DOD’s Chief Information Officer, Office of the Undersecretary of Defense for Acquisition and Sustainment. The services focus on bringing automated software tools, services and standards to DOD programs so that warfighters can create, deploy, and operate software applications in a secure, flexible, and interoperable manner.

References