Difference between revisions of "DevSecOps"

From MgmtWiki
Jump to: navigation, search
(Solutions)
Line 8: Line 8:
 
==Solutions==
 
==Solutions==
 
* [https://software.af.mil/dsop/ DoD Enterprise DevSecOps Initiative (DSOP)]<blockquote>The DSOP is joint effort of the DOD’s Chief Information Officer, Office of the Undersecretary of Defense for Acquisition and Sustainment. The services focus on bringing automated software tools, services and standards to DOD programs so that warfighters can create, deploy, and operate software applications in a secure, flexible, and interoperable manner.</blockquote>
 
* [https://software.af.mil/dsop/ DoD Enterprise DevSecOps Initiative (DSOP)]<blockquote>The DSOP is joint effort of the DOD’s Chief Information Officer, Office of the Undersecretary of Defense for Acquisition and Sustainment. The services focus on bringing automated software tools, services and standards to DOD programs so that warfighters can create, deploy, and operate software applications in a secure, flexible, and interoperable manner.</blockquote>
 +
* [https://www.nccoe.nist.gov/sites/default/files/2022-07/dev-sec-ops-project-description-draft.pdf SOFTWARE SUPPLY CHAIN AND DEVOPS SECURITY PRACTICES Implementing a Risk-Based Approach to DevSecOps] draft 2022-07
  
 
==References==
 
==References==
  
 
[[Category: Best Practice]]
 
[[Category: Best Practice]]

Revision as of 16:44, 21 July 2022

Full Title or Meme

Development, Security, Operations is like DevOps, except that a security layer if placed between Development and Operations.

Context

This particular morph of DevOps seems to have originated in the US DoD to solve problems like Solar Winds where Developers can place code directly into operations without a security check first.

  • The DoD Repo One was created to enable any development org to create app that could run on Platform One

Solutions

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=DevSecOps&oldid=15208"