A ‘shift left’ for security
As you may have guessed, DevSecOps basically adds a ‘security’ dimension to the widely known DevOps framework. The two share the same basic goals: to transcend traditional silos and facilitate collaboration, shorten time-to-delivery, and enable the continuous delivery of high-quality software.
Joachim Dheedene, DevSecOps lead at delaware, explains: “In the past, development, operations and security teams all worked separately and in succession on software. As a result, security issues were discovered very late in the process, if at all. Not only could these halt the entire process, they often required months of rework from the development team, causing considerable delays. Now that development cycles take only weeks or days, this siloed approach is simply not scalable anymore. With DevSecOps, the security team is involved right from the start, in what is known as a ‘shift left’.”