“DevSecOps stands for development, security and operations. It is an approach often used in software development that integrates security into all aspects of the system including culture, design and automation.
DevSecOps has become an integral strategy for agencies across government to include the departments of Defense and Homeland Security as they guard against software vulnerabilities like malware...”
“The General Services Administration identifies the business benefits of DevSecOps ‘through improved operations, reduced re-work, increased quality through automated testing and monitoring, and projects / products delivered early and often with less cycle time to the customer or end-user.’
GSA leaders identified the need for continuous integration and delivery as key elements of a DevSecOps culture. In order to achieve this, experts at GSA ‘encourage and support frequent code check-in, version control, sensible test automation, continuous low-risk releases and feedback, often through a number of electronic tools.’...”
“United States Citizenship and Immigration Services CTO Rob Brown said even though his IT department implemented DevSecOps successfully there have still been several challenges.
‘One of the largest challenges across the board … is really the skills, the training, ensuring folks are continuously improving in those various disciplines,’ he said on the panel. ‘It's ongoing, and I can't stress enough that's probably the No. 1 challenge.’...” Read the full article here.
Source: What is DevSecOps? – By Nikki Henderson, March 9, 2022. GovCIO.
Reply to this post...