Threat Models in DevSecOps Analysis
Manuscript ID Access-2023-23494
Complete List of Authors:
S, Nagasundari; PES University, Department of Computer Science and Engineering
Mathur, Priyansh; PES University, Department of Computer Science and Engineering
Manja, Pratham; PES University, Department of Computer Science and Engineering
PRASAD HONNAVALLI, B.; PES University, Department of Computer Science and Engineering
Subject Category (Please select at least two subject categories that best reflect the scope of your manuscript): Computers and information processing, Industry applications
Additional Manuscript Keywords:

AUTHOR RESPONSES TO IEEE ACCESS SUBMISSION QUESTIONS

Author chosen manuscript type: Survey

Author explanation/justification for choosing this manuscript type: This article focuses on threat models for DevSecOps. The motivation of the paper is to offer a thorough and methodical analysis of current threat models and their applicability in the context of DevSecOps methods. This study is presented as a survey paper, since it tries to synthesize and evaluate diverse studies and techniques relevant to threat modeling in the DevSecOps sector. The article takes an organized approach, methodically gathering data from several sources, including scholarly works, business reports, and actual case studies. It gives a general overview of the various threat modeling methodologies and frameworks utilized in the DevSecOps process. supports the survey manuscript type.

Author description of how this manuscript fits within the scope of IEEE Access: As the number of application vulnerabilities and security issues are rising during the application development and delivery, it is very essential to discuss and study about devsecops methodology. IEEE access publishes articles which are in need of the hour and the IEEE access articles could be reached to a wider audience. Hence it is appropriate to publish about the survey of threat models in devsecops in IEEE access.

Author description detailing the unique contribution of the manuscript related to existing literature: As per the reviewed literature, no article is discussing about the threat models in Devsecops. Hence the threat models in Devsecops discussion is the highlight of the paper.

For Review Only
IEEE Access Page 2 of 20

An Extensive Analysis on Threat Models in DevSecOps

Priyansh Mathur1, Pratham Manja2, Prasad B Honnavalli3, Nagasundari S4
1 Department of Computer Science and Engineering, PES University, Bangalore (e-mail: mathur.priyansh15@gmail.com)
2 Department of Computer Science and Engineering, PES University, Bangalore (e-mail: prathammanja76@gmail.com)
3 Professor, Department of Computer Science and Engineering, PES University, Bangalore (e-mail: prasadhb@pes.edu)
4 Associate Professor, Department of Computer Science and Engineering, PES University, Bangalore (e-mail: snagasundari5@gmail.com)
Corresponding author: Nagasundari S (e-mail: snagasundari5@gmail.com).

ABSTRACT In this analysis, we delve into the world of threat models in the context of DevSecOps. As organizations increasingly adopt DevSecOps practice, understanding the possible risks and vulnerabilities that can arise in this context becomes critical. This study attempts to identify and analyze many threat models that organizations may face by studying the various components of DevSecOps, such as its principles, methodology, tools, and workflows. Furthermore, it explores the integration of security and monitoring practices throughout the development pipeline. It emphasizes the importance of addressing security concerns early in the software development life cycle, and discusses the strategies and best practices that could be adapted to mitigate any potential threats. It also highlights the significance of monitoring and incident response in promptly detecting and mitigating threats. Therefore, it provides valuable insights and practical guidance for practitioners, security professionals, and decision-makers involved in DevSecOps initiatives.

INDEX TERMS DevOps, DevSecOps, Threat modeling, Application Security, Vulnerability Assessment.

I. INTRODUCTION
Threat to security is one of the widely known consequences that organizations are concerned with today. One of the studies undertaken by Kraemer [1] revealed that tight schedules and uneven workload distribution can lead to the accidental introduction of security vulnerabilities into software systems. According to the aforementioned researchers, the primary source of vulnerabilities is the lack of security understanding in DevOps teams. This reduces the security of a system by lowering the quality of security

FIGURE 1. Importance of DevSecOps

FIGURE 2. DevSecOps market cap by region in Billion Dollars

From Figure 2, it can be inferred that the annual budget of the regions is on a steady rise and focuses on the DevSecOps market [5]. DevSecOps, in its higher form, is nothing but shifting the security practices left in a DevOps pipeline. Integrating security would help products to be delivered rapidly, efficiently, and securely. Hence, currently, the majority of the annual budget is dedicated to risk assessment and analysis measures to avoid disrupting Business Continuity. A study by Gartner suggests that “securing the software delivery pipeline is as important as securing the software that is delivered.” Traditionally, security is provided after the product leaves its development and operation pipeline. However, the scope of an attack can be way before it arrives at the market and is open to public traffic. The more infected the code becomes at an earlier stage, the more challenging it will be to secure it in the future. Therefore, regardless of the size, budget, or global presence of software, security is now being integrated from the root of the pipeline, which is generally where the development of the product starts.

One of the key findings of the survey conducted by Contrast Security [7] included that 79% of the average applications in development have more than 20 vulnerabilities, and 99% of the average applications in production have more than 4 vulnerabilities. These alarming numbers are indicators of the number of vulnerabilities that crept into the software well before delivery. This supports the fact that there is a chance that the pipeline will be infected, which in turn weakens the software artifacts/components that reside in it. They also pointed out that each vulnerability consumes more than 4 hours for a developer, which leads 55% of the developers to skip the security scans to meet deadlines. Shocking as it may be, this is a severe blow to the cyber-protection provided to software. Vulnerability testing is a process that is very different from the different varieties of testing towards the end of the Software Development Life Cycle (SDLC).

The higher the severity of vulnerability, the longer it takes to eliminate it. Developers now are not required to just write code that runs a business module but to write it in a secure manner. Upon failure, the security debugging time of the application becomes significant. Corporations sometimes miss some security processes and techniques such as Static Application Security Testing (SAST), Interactive Application Security Testing (IAST) and Dynamic Application Security Testing (DAST) to meet hard deadlines. Although the project may be ready on the outside, it is fragile and brittle on the inside. It is just like saying that we wrap a golden foil onto an apple to make it a Golden Apple. Sooner or later, the threats will slowly start swelling in the product and as time passes, it will create a huge crater allowing illegal and unsolicited entry into critical and sensitive parts of one or more components.

The Global Market for DevSecOps is expected to grow significantly and reach a substantial market size by 2030. The forecast indicates a Compound Annual Growth Rate (CAGR) of 27.7% for this market. In 2022, the DevSecOps market in the United States was estimated to be valued at US$1.9 billion. China, which is the world's second-largest economy, is projected to achieve a market size of US$7.9 billion by 2030, representing a CAGR of 33.5% from 2022 to 2030. Several other geographic markets are noteworthy as well. Japan is expected to grow at a CAGR of 21.5% over the period from 2022 to 2030, whereas Canada is forecasted to experience a growth rate of 22.9% during the same period. In Europe, Germany is expected to grow at an approximate CAGR of 23.8%. These forecasts demonstrate the increasing significance and adoption of DevSecOps practices and technologies in various regions worldwide. These high growth rates indicate a growing demand for DevSecOps solutions and services in the market [9].

With the importance given to the adoption of security in the DevOps model, as seen by the budget spent, risk mitigation and vulnerability assessment are now the key players in the creation of secure and malware-free software that aims to harness the power of cyber-security to strengthen the application from inside out thereby increasing client satisfaction and convenience. Automation of these security scans is also a trending topic that encompasses the major processes and tools being integrated into a development system altogether. Automation of security scans will not only make the pipelines run faster but also eliminate any manual errors that may be missed by the Security Analyst. This can also be integrated with state-of-the-art AI tools, which may provide a visualization of the vulnerabilities found in a module along with its severity level. This reduces the magnitude of the severity of the whirlpool from
becoming too large to handle in the future if corrected and eliminated in the beginning.

This research paper delves into the transformations and adaptations in DevSecOps beyond DevOps ideology, presenting key aspects and changes. It then analyses various threat models relevant to DevSecOps-driven product development. Furthermore, the study investigates potential threats and attacks in a cloud-native DevOps pipeline, considering various cloud service models and proposing relevant tools and technology-based mitigation techniques. This paper has been structured into eight meticulously crafted sections, each contributing to a comprehensive exploration of DevSecOps. It begins by laying the foundation with a Background section that traces the evolution from DevOps to the more robust DevSecOps paradigm followed by an extensive review of the existing literature in this domain, encompassing insightful surveys and their significant findings. Section IV delves into the indispensable value of Risk Assessment within IT organizations. Section V presents a spotlight on the intricacies of threat modeling. It encompasses an in-depth exploration of three distinct service models, offering a tailored approach to threat modeling by dissecting popular attacks within each model and presenting potential mitigation strategies. Section VI illuminates the diverse Applications and Use Cases of DevSecOps across various domains. Finally, it addresses the various challenges and outlines that may lead to potential avenues for future work.

II. BACKGROUND
In the early 2000s, software development rose steeply, establishing a solid foundation in the Information Technology (IT) industry. Popular dynamic applications have been built using new languages such as C, C++, and RubyOnRails. Almost all the revolutionary technologies that we use today were born. Tireless efforts in this field have focused on developing an approach. This approach was developed with the objective of streamlining the workflow. A few of the top organizations at that time used methodologies private to them. However, these methodologies were not shared among other companies. Eventually, software companies felt the need to establish common ground for development. People started facing issues in collaborating with other developers because of the mismatch in their practices. Not only did this affect the culture but also other technical practices followed by them.

A. INTRODUCTION TO DEVOPS
For software applications to be available in the open market, developers must ensure that all modules that constitute the application sit perfectly. To develop a single project, a team of engineers is typically deployed. Teams are assigned to a particular job to ensure that it is completed within the stipulated time. Now, these engineers work on their own to complete their tasks and push them to an archive when finished. This process is identical for all of the engineers at all levels and domains. Finally, when the project manager returns confirmation from all team leaders regarding the successful completion of the task and the updated status of the archive, it is time for the software to be tested. Testing can be simply defined as the process of discovering, analyzing, and resolving any bugs or issues that disrupt the normal behavior of the software.

Now, as the project manager learns of these bugs (if any), he must follow some steps to rectify this, which could be: tracing the bug back to a specific module. Identify the module domain. Contact the team leader responsible for that domain and inform him of the same. After a period, hear back from him and push the modified code to the archive. The process repeats again, given the case in which there are any additional errors. Reading this would have made you realize how tedious this work of developing and testing (which are only 2 of the many steps of a Development Lifecycle) can be when collaborating with multiple teams. This entire process led to two vital conclusions:
1. Having a Framework consisting of processes and best practices will improve the efficiency with which work is delivered.
2. Automating certain repetitive work will speed up the process and allow more time for innovation.

On the opposite side of the campus, there is a distinct team known as the Operations Team, whose primary role is to facilitate resource provisioning for developers. This team assumes responsibility for managing the organization's infrastructure. Infrastructure can range from routers, switches, Internet gateways, servers, etc. The Operations Team is dedicated to providing computational resources that aid developers in addressing intricate and extensive problems. Consequently, this engenders a new type of dependency on the Operations Team, as they are relied upon to promptly and consistently fulfill requests from the development team. In cases where there are multiple, simultaneous and urgent requests from different departments, there is a bottleneck that limits the speed at which they can deliver services. Considering resource-intensive applications that consume a large number of computational services, starvation and infinitely long blocking are introduced to other applications in the queue. It was around 2007-2008 when a new buzzword at that time, called DevOps, was born in the IT industry.

At an eagle’s height level, DevOps in its basic sense is a combination of two words: DEVelopment and OPerationS. DevOps is a set of best practices, tools, and cultural philosophy that automates and integrates the processes between software development and IT teams. It stresses cross-team collaboration and communication to build common ground for people from various domains and
technologies. It is an IT paradigm for agile development and efficient maintenance to build software in a more organized and structured manner. DevOps also emphasizes aligning development and operations to boost quality, efficiency, and productivity.

FIGURE 3. DevOps process

For several years, this has brought the development and operations teams close together, despite the fact that they were binned. These two teams get together and software engineers work on an entire application lifecycle ranging from development, testing, deployment, operations and various other multidisciplinary activities. DevOps is a software ideology that aims to develop a framework and deliver tools for automating tasks. As previously discussed, these two deliveries were important findings in the early 2000s. Thus, DevOps was an essential and necessary change that Software Engineers embraced and welcomed with open arms as they had learned from their past experience that the adoption of this comprehensive process will not only help in cross-team management but will also act as a Process Phase tracker to help monitor their progress.

Pertaining to the continuous nature of DevOps, practitioners often represent the DevOps Lifecycle as an infinite loop to show how the phases of DevOps relate to each other. The core of DevOps lies in continuous collaboration and incremental improvements to satisfy clients and ease management activities performed throughout the process. DevOps has eight phases, which are described as follows:

Discover: Building software requires teamwork. Teams should conduct workshops to plan, organize and analyze ideas. These ideas should focus on achieving goals and fulfilling customer requirements. Agile is widely used for this purpose.

Plan: DevOps teams should be comfortable adopting agile practices. Agile is an iterative approach to software development and project management that aims to deliver small pieces of work incrementally.

Build: This phase uses tools to build software components such as libraries and modules. Git is an open-source and common platform for version control which allows developers to work on branches efficiently. This allows one to recover previous builds by tracking their repository history.

Test: Continuous Integration (CI) involves developers sharing their code to a shared repository. It is first checked and then merged with the master's (main) repository. This not only provides reassurance to developers regarding their work but also improves their predictability in the future.

Deploy: Continuous Deployment (CD) allows developers to automatically push new features in the production environment. Teams can deploy the application with feature flags, which helps in the steady release of code rather than all at once. This increases the efficiency and productivity in development teams.

Operate: Manages the complete delivery of IT services to users. This includes practices involving the design, configuration, and maintenance of all IT infrastructure that supports an organization's services.

Observe: Quickly identify and resolve issues that can slow productivity and speed of deployment. In most areas, automated checks are used to analyze and immediately notify teams of changes, failures, and high-alert risks so that the application does not break and keeps running.

Continuous feedback: DevOps teams should generate reports for each release and share feedback before the next release. This feedback, integrated with newer releases, helps improve the standard of the software. It also aligns with the agile principle of preparing for frequent changes and acting upon them.

B. TRANSITION FROM DEVOPS TO DEVSECOPS
Although DevOps played a key role in incorporating major changes in the software lifecycle, it neglected a major aspect of security as one of its phases, despite the increasing frequency of information security incidents and growing emphasis on security by major enterprises [6]. To address this, DevSecOps has emerged as a new approach that integrates security into the development, operations, and maintenance processes. This represents the natural progression of software development toward prioritizing security at every step of the development lifecycle. The cultural shift brought about by DevSecOps makes security a shared obligation for everyone involved in the software
development process [8]. DevSecOps comprises three words: Development, Security, and Operations. DevSecOps aims to combine cyber security practices with SDLC to seal off security issues that may creep in later on. As industries experience higher threats from malicious attacks, they have realized that providing an extra layer of security to the DevOps lifecycle could significantly reduce the attack rate. To securely continue business expansion, corporations must include security scans from the beginning of the pipeline. Based on a survey conducted by Contrast Security, it was reported that 42% of the companies that suffered a breach attributed the cause to a known but unpatched vulnerability. Cyber Security is increasingly a priority for leaders such as the board of directors and C-suites. Verizon [7] found that 43% of data breaches in 2019 were a result of web-application vulnerability, which has doubled since 2018. One of the survey respondents also said that creating a balance and synergy between the security and development teams is the easiest and most economical way to achieve software security.

FIGURE 4. Vulnerabilities found in development vs deployment

Figure 4 provides a comparison between the number of vulnerabilities found in an application during development and deployment. One could clearly observe that securing applications from the risk of an attack is vital and imminent from numerous vulnerabilities that might persist even until deployment. As said by John P Mello Jr in “The State of Application Security Testing: The Shift is on to Secure Code”, With the software development ground shifting, it’s time for application security teams to get a move on - from application security to securing code throughout the software development life cycle. Security teams now need to join development teams to foster strong relations and overcome this gap by working in resonance. This is a “left shift” of security practices, which means that security inspection and scans are not performed on a product that is just waiting in the production environment to get deployed but is a process that must be interleaved with DevOps [9].

III. REVIEW OF EXISTING LITERATURE
One of the prominent works by Sun et al. [10] described the structure of an efficient and accurate security test pipeline to identify security vulnerabilities and solutions to those vulnerabilities. The above authors offered specifications that a security test pipeline should satisfy. The features of this security test pipeline system such as centralized and unified security test management, regular and automatic code security testing, unified user management and authority management to satisfy security and confidentiality compliance requirements, and comprehensive rule management function were realized using a test pipeline built upon open-source software tools to achieve a low-cost system to solve code security and quality issues. McZara et al. [11] analyzed micro-service interdependency. Interdependency was modeled using links that connect one microservice to another. These links were nothing but an interface through which one microservice was accessible by another. DevSecOps was used to monitor the outages of micro-services, in which case, an alternate path was discovered to allow fault tolerance and business continuity to be a mode of application recovery. The author Hasan Yasar [12] examined the possibility of finding information security risks differently at different stages of the DevOps pipeline. Development teams often miss the issues to be addressed as they rely heavily on configuration management and automation. The researchers Agung and Kabetta [13] considered agile development as a modern method that emphasizes flexibility and spontaneity, but this approach comes with greater risks and issues in the build and deployment phases that drain most of the time to get fixed, leading to delay in the release of the software. To address these challenges in agile development, the authors considered building a DevSecOps pipeline integrating static and dynamic testing in an SDLC environment, using the open-source GitLab for setting up a CI/CD pipeline and tools such as Njsscan and OWASP-ZAP for static and dynamic testing functions.

The study performed by Bajpai and Lewis [14] describes the consequences of misconfiguration errors that malicious threats seek to exploit. This has been aggravated as many organizations consider development and security teams to be independent. The above researchers also presented areas that are more threat prone and solutions to monitor these threats, including the ways of automated security assessments and dependency management. Finally, they concluded by stressing the monitoring of CI/CD pipelines to detect the possibility of involving new attack vectors and threat surfaces. Extending the above work, Mahboob et al. [15] used the Kubernetes Environment to make a CI/CD pipeline. They then used Asylo to perform security scans and Tekton to automate the process of creating a Docker file whenever there was a change in the branch (when committed). Emphasis was placed on using a Trusted Execution Environment (TEE) to isolate and secure native developments to harden security strength. A study carried out by Ramaj and Xhesika [16] discussed security that can be integrated into the DevOps environment into the
3 development life cycle to address complex security threats al. [22] developed software as a proof of concept that can
4 and loose security. It also showed how vulnerabilities perform both SAST and DAST on IaC scripts. They used
5 divide up until the production stage, where debugging the VAT, which works on rule-based matching of scripts for
6 application for threats takes a long time. Continuous Risk static analysis, and LOMOS, which is an AI tool for
7 assessment is also valuable and should be a part of SDLC. dynamic analysis. Static analysis uncovers design issues
8 The Investigation conducted by Aljohan and Alqahtani [17] and performs component tests ranked from the most severe
9 described the consequences of the lack of empowerment of at the top in decreasing order. LOMOS uses self-supervised
10 automated security testing tools. In addition, knowledge of NLP techniques to automate the process by checking logs
11 when and where to add security automation to a DevOps to find differences and uncover any threats An investigation
12 pipeline is a major problem that must be addressed during carried out by Pecka, and Nicholas Stephen [23] aims to
13 software development. Some of the challenges encountered prove that inside attackers can exploit the DevSecOps
14 include automated scanning, the total time elapsed, and pipeline to transform secure software into insecure
15 false-positive results. Finally, the authors developed an software. Kubernetes was used as the deployment
16 architecture that enables automated security scans and environment in this study. Their workflow is as follows:
17 vulnerability detection. The authors Ibrahim, Yousef, and Code is pushed to GitHub, where a webhook listener from
18 Medhat [18] explained the security model required for Jenkins is triggered and submits the code with the changes.
19 infrastructure as code (IaC) over the cloud stressing the After the pipeline finishes, the end product is a Docker
20 need for IaC in setting up infrastructure such as servers, Container that is pushed to DockerHub and Jenkins records
21 load balancers, and databases over the cloud environment. this on K8 logs. Then K8 uses the docker commands to
22 The main objective involved overcoming the challenges of retrieve the container for further activities. This paper also
23 setting up a completely secured and fully automated highlights the different points of attack that can be
24 security pipeline in IaC. Finally, they had set up a complete performed on Jenkins, and Docker
25 security pipeline using Terraform and Amazon S3 software.
IV. RISK ASSESSMENT
26
The authors Arjun Sojan et al. [19] investigated the In the 20th century, organizations were local to the area in
27
demands of automated testing stages in cloud-native which they had offices. Clients in that area would interact
28
environments. As these cloud platforms have a dynamic with them by coming directly to their offices. Having a
29
infrastructure, managing security requirements becomes global presence before the dawn of the Internet was
30
difficult. These authors mainly stressed the Infrastructure as possible only via the branches of the company dispersed
31
a Service (IaaS)-based cloud environment, thus developing across the country. This implies that, their presence was in
32
an automated monitoring solution for cloud-native direct proportion to the number of offices at different
33
DevSecOps using open-source tools and software. The locations. Today, Organizations are available to the public
34
monitoring stage was split into infrastructure and on the internet. The concept of accessing resources or
35
Application monitoring using a microservice architecture. Therefore, developing a novel solution for addressing the gap in cloud monitoring applications.

Taking the previous analysis further, Diaz et al. [20] developed self-service cybersecurity monitoring, further describing the fast and continuous feedback from operation to development using the SPEM model. Finally, a formalized DevOps cycle was created to build a self-service security pipeline so that teams can configure their monitoring services in accordance with their security criteria. This allows the teams to share responsibility in releasing secure software, which is key to enabling the DevSecOps culture. The authors Caraturan and Goya [21] analyzed the major financial challenges involved in adapting DevSecOps to a cloud-native platform, concluding that it is essential to have a vision of which applications are appropriate for the cloud environment and which are possible for migration. Implementation of the same can be carried out in three stages: fundamental, repeatable, and scalable, which are fully automated with indicators and feedback collected and analyzed. Cankar et

seeking services is now far simpler and more rapid with the help of the internet. People now conveniently send loads of data of any format from their offices to remote data centers miles away. Although this may allow flexible communications, it also increases the risk surface area, which may invite unnecessary cyber-attacks and cyber-harmful agents such as viruses and worms into the enterprise's trusted assets to render them useless.

Risk assessment refers to the identification of dangers that may have a detrimental impact on an organization's capacity to conduct a business. These assessments enable the identification of inherent business risks and the provision of procedures, processes, and controls to limit their impact on corporate operations. Businesses can use a risk assessment framework (RAF) to rate and communicate the contents of their risk assessment, including threats to their information technology (IT) infrastructure. The RAF supports an organization in identifying prospective hazards, any business assets that may be jeopardized by these hazards, and the potential repercussions of these risks. In big businesses, the risk assessment process is often
overseen by the Chief Risk Officer (CRO) or the Chief Risk Manager. To identify, analyze and mitigate risks, models known as threat models give the security practitioner or related security experts an idea of what to expect when facing that kind of peril.

The security model in the cloud is defined as a shared-responsibility model. At one end, the cloud service provider (CSP) plays the role of providing security to the computing resources, along with securing the software application components shared among the tenants. It is the utmost responsibility of the CSP to secure tenant data from attackers and protect it from exposure. On the other end, the tenant is responsible for data, identity, and application software protection. Thus, these security techniques can be achieved through a systematic approach called threat modeling, defined as “The process of systematically collecting, organizing, and analyzing all relevant information that possesses a threat to an application”. When applied to software, it streamlines decision-making on application security threats. Typical threat modeling efforts yield a model and a prioritized list of security changes to an application's concept, specifications, design, or implementation. Software, apps, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes benefit from threat modeling. According to OWASP, a threat model is a systematic representation of all the information that influences an application's security. In essence, this is a security perspective on the application and its surroundings. A threat model often comprises the following elements.

1. Description of the subject to be modeled
2. Assumptions that can be tested or questioned as the threat situation evolves
3. Potential threats to the system
4. Actions that can be taken to mitigate each threat
5. An approach to confirm the model's predictions and threats, as well as the effectiveness of the actions performed.

It is best to use threat modeling consistently throughout a software development project. The procedure is the same at different abstraction levels. However, information becomes increasingly granular as the lifecycle progresses. A high-level threat model should ideally be created early in the design and planning phase and then refined throughout the lifecycle. New attack vectors are produced and exposed when additional features are added to the system. These dangers should be examined, diagnosed, and addressed as part of the continuing threat modeling process. Some of the advantages of threat modeling can be briefly described as follows:

Improving collaboration: First and foremost, threat modeling aids in getting all departments within an organization on the same page. Threat modeling guarantees that everyone from the IT team to executives and key stakeholders work on the same structures and assumptions by identifying your IT resources and the issues that present them.

Reducing the attack surface: Hidden doors and other vulnerabilities in the IT environment can be identified using threat modeling and patched swiftly and efficiently. Furthermore, threat modeling assists in reducing IT complexity by identifying unnecessary endpoints, software, or resources that may be removed.

Prioritizing cybersecurity needs: Threat modeling assists businesses in determining which risks demand the most attention and resources, in terms of time and money. For example, given a number of vulnerabilities in an IT environment, which should be addressed first?

Strengthening compliance: Threat modeling helps companies comply with data privacy and security rules and regulations, which require them to understand how they may be jeopardizing sensitive data. For example, the General Data Protection Regulation (GDPR) of the European Union requires organizations to conduct a Data Protection Impact Assessment (DPIA) before beginning new projects that process personal data.

An extensive analysis carried out by Kivioja and Sini [24] identified the different protection techniques imposed on the assets of the organization. Different risk/threat assessment techniques are discussed, such as OCTAVE, FAIR, STRIDE, and CORAS. These were discussed based on their use case and application, thereby providing a whole range of threat assessment techniques. DevSecOps as a means of integrating security was also explained in detail with respect to the threat models. Further extending their work, this paper focuses on the threat models and architectures essential to establish a DevSecOps pipeline with automated security scanning.

A. STRIDE
One of the most prominent threat modeling architectures, STRIDE, was developed by Microsoft engineers to aid the identification of risks in a system. It is utilized in conjunction with a target system model. This makes it useful for the assessment of individual systems. STRIDE is an acronym for the types of threats it covers. STRIDE stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. These STRIDE threat categories are incorporated into DevSecOps' security assessments and risk management practices. This enables developers, security teams, and operations teams to collaborate to identify potential vulnerabilities and threats early in the development lifecycle and effectively mitigate them. The following table describes the threats along with the prominent mitigation techniques employed using STRIDE.
TABLE I
THREATS MODELED BY STRIDE AND THEIR CONSEQUENCES

Threat | Consequence
Spoofing Identity | Involves attackers attempting to mimic individuals or systems in order to obtain unauthorized access.
Tampering with Data | Attackers seeking to change data in transit or at rest are involved in this threat.
Repudiation | An attacker’s attempt to disavow their actions or transactions within the system.
Information Disclosure | This threat entails the uninvited disclosure of sensitive information.
Denial of Service | DoS attacks are designed to disrupt the availability of a service.
Elevation of Privilege | Attackers may attempt to obtain elevated privileges in order to gain access to resources that are above their standard permissions.

B. PASTA
Now, we move to another useful threat model, PASTA, which is designed to correlate business objectives with technical requirements. PASTA stands for Process of Attack Simulation and Threat Analysis. PASTA’s steps guide teams to dynamically identify, count, and prioritize threats. PASTA is a seven-step approach developed with an attacker-centric mindset. The steps can be applied to DevSecOps in the following manner.

i) Define Business Objectives: The first stage of PASTA threat modeling is to define the objectives. Objective is a broad term that encompasses business objectives (of the object in the scope of threat modeling), threat modeling session objectives, security objectives, security governance, and compliance objectives.

ii) Define the technical scope of assets and components: The second stage of PASTA threat modeling defines the technical scope and attack surface. This information is crucial for determining 'what we are safeguarding' from a technical perspective. This focuses on technology rather than people and procedures. Relationships with other systems, dependencies, imports, etc. are all part of the technical scope and attack surface.

iii) Application decomposition and identification of application controls: The third level of PASTA threat modeling is application decomposition. Decomposing entails delving deeply into the internals of an application. The outcome of this step will provide a great deal of information on how the application (or system) under consideration operates, as well as how (current) core security concepts are applied. Another important outcome is an understanding of trust, where it exists, and where trust boundaries exist, either internally or externally. At this level of PASTA threat modeling, we will develop data flow diagrams, similar to STRIDE. It is feasible to understand trust flows using Data Flow Diagrams. This can be used to analyze the dangers in later steps.

iv) Threat analysis based on threat intelligence: The fourth level of PASTA threat modeling is threat analysis. We identified the application environment and details in the previous steps. It is now time to detect and assess the potential dangers. The most essential output of the fourth stage is the awareness of threats and how they relate to the attack surface. Threat definition is based on general security knowledge, research on threat intelligence reports and known attack pathways, and consulting threat libraries. PASTA threat modeling is distinguished by the inclusion of threats based on relevancy (i.e., evidence that dangers are genuinely exploited in the real world). Furthermore, dangerous information should originate from multiple sources rather than from a single source.

v) Vulnerability detection: The fifth level of PASTA threat modeling is vulnerability analysis. The primary purpose of this stage is to associate vulnerabilities with assets, resulting in a thorough awareness of the potential risks associated with threats. Vulnerabilities might originate in the code base (for example, via static analysis), (high-level) design, manual penetration testing, vulnerability management, and/or threat intelligence.

vi) Attack enumeration and modeling: The sixth stage of PASTA threat modeling is the attack analysis. At this level, we link the identified threats and vulnerabilities and provide proof of feasibility. The usage of attack trees demonstrates this. This improves the understanding of likelihood, which is essential for recognizing and evaluating risk.

vii) Risk analysis and development of countermeasures: The seventh step of PASTA threat modeling involves risk and impact analysis. PASTA is an end-to-end threat modeling technique, which means that risk reduction is an integral component of the process (rather than simply recognizing risks and failing to mitigate them). As a result, PASTA involves specifying countermeasures to threats.

The following benefits could be observed by adapting PASTA threat modeling in the DevOps pipeline.

1) Proactively think about Security: DevOps teams are accountable for the security of their applications or IT systems as part of DevSecOps and Shift-Left security. PASTA threat modeling is a useful practice for thinking about security in advance, even if the team lacks security expertise or experience. Thus, implementing PASTA will assist a team in thinking about security proactively rather than passively in response to external triggers (such as an audit, a security incident, or the need to comply with an IT control framework).

2) Work as a team on the topic of Security: Many individuals, including many members of DevOps teams, find security difficult. Some team members may be highly technical and possess extensive security knowledge. However, many team members may not do so. PASTA
meetings may help teams address security and promote knowledge among all team members.

3) Determine threats early on (starting in the design phase): Thinking about dangers and what may go wrong occurs frequently towards the conclusion of the development lifecycle or when an application is already in production. This may be too late, as dangers may be applicable and suitable countermeasures to minimize the threat may be absent. PASTA threat modeling can assist in identifying possible dangers early, even during the design process. This will assist the DevOps team in considering hazards throughout the development lifecycle.

4) Development of security requirements: Once risks are identified, security requirements can be developed to establish mitigations or countermeasures. The earlier this happens, the better, because security needs may be integrated earlier in the development process.

C. OCTAVE
Numerous organizations have developed robust information security control frameworks to improve risk management and mitigation roadmaps, allowing them to seize opportunities and accomplish strategic goals. To address the information security compliance concerns faced by many organizations, the Software Engineering Institute (SEI) developed the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology.

OCTAVE techniques were first created to solve information security challenges experienced by the United States Department of Defense (DoD), but they have since become available to the general public after proving to be successful. The primary function of OCTAVE is to assist organizations in ensuring that their information security measures are in line with their goals and objectives. The three main objectives of OCTAVE are information security evaluation, software risk management, and surveying the current state of the practice in information security risk management. OCTAVE explores technological and organizational concerns to build a complete picture of an enterprise's information security requirements. The following phases can help implement OCTAVE threat modeling for the DevOps pipeline:

Phase 1, Build Enterprise-wide Security Requirements: This phase involves analyzing enterprise-level assets and determining what assets are important to the organization and protection schemes for the same. To establish the security requirements, operational area and staff information are required.

Phase 2, Identify Infrastructure Vulnerabilities: The second phase describes the infrastructural risk assessment and generates policies and practices to address vulnerabilities. In addition, we identify the structure and configuration of the organizational information infrastructure to examine dataflows and access paths.

Phase 3, Determine Security Risk Management Strategy: The last phase involves prioritizing the risks that must be assessed and converted into a continual security management strategy. In addition, a multidimensional risk analysis is conducted to determine the points of vulnerability in the scenarios of potential intrusion.

FIGURE 5. Various phases of Risk Assessment in OCTAVE

Although OCTAVE deals with general protection mechanisms against potential threats to the organization, a newer modified version, OCTAVE Allegro, can be adapted to cloud applications. The main threats identified by OCTAVE Allegro include human attackers using physical means, technical problems, and other problems. In the OCTAVE/Allegro threat modeling paradigm, actors, assets, access or means, motives, and consequences are among the key elements of a threat [25]. Therefore, it can be implemented in the DevOps pipeline.

D. TRIKE
Threat and Risk Intelligence Knowledge Elicitation is an open-source threat modeling paradigm that focuses on the security auditing process from the perspective of defense and risk management, considering implementation, risk models, and threats. The primary purpose of TRIKE is to ensure that stakeholders accept the risk entailment and its effects. It encourages stakeholders to comprehend and minimize the risks that their actions within their domains may have for them and other stakeholders [26].

Similar to many other techniques, TRIKE begins by establishing a system. By identifying and comprehending the system's actors, assets, intended actions, and rules, analysts must create a requirement model. This process leads to the creation of an actor-asset-action matrix, where the rows correspond to actors and the columns to assets. TRIKE employs a five-point scale for each activity, based on its probability, to evaluate the danger of attacks that could have an impact on assets through CRUD. The Trike scale system seems too outdated and vague. Therefore, it has not been widely employed in recent security applications [27].

E. VAST
A distinctive and innovative method of cybersecurity known as "vast threat modeling" was created to address the complexity of large-scale enterprise systems. The only paradigm that allows scalability across a complete organization is VAST modeling, which stands for Visual, Agile, Simple Threat modeling. The complete Software
Development Life Cycle (SDLC) is covered by VAST threat modeling, which relies on the three fundamental pillars of automation, integration, and collaboration. The three main components of VAST are described below.

Visual: The visual representation of the system architecture, data flows, and interactions is emphasized in VAST modeling. This enables stakeholders to obtain a thorough understanding of the components of the system and their interdependence. Visual models, such as diagrams or flowcharts, aid in the identification of potential security and trust boundaries within the system.

Agile: By fostering iterative and collaborative threat modeling, the VAST approach fosters an agile attitude. Throughout the development process, threat models are constantly refined and updated. Agile approaches, such as Scrum or Kanban, can be used to help with threat modeling and ensure its incorporation into the development workflow.

Simple: The VAST approach emphasizes simplicity to make threat modeling accessible to a broader variety of stakeholders, such as developers, architects, and business analysts. In favor of a more simplified approach, it avoids unnecessarily complex and time-consuming procedures. The emphasis is on swift and effective identification of the most critical threats and vulnerabilities.

The Agile approach of VAST can be easily adapted into an automated DevOps pipeline, through which organizations can proactively address security concerns throughout the software development lifecycle. Recognizing operational variations and concerns among development and infrastructure teams, VAST requires the construction of two types of models: application and operational threat models. Process-flow diagrams are used in application threat models to depict the architectural perspective. DFDs are used to develop operational threat models from the attacker’s perspective. This approach allows VAST to be integrated into the development and DevOps lifecycles of an organization [28].

V. THREAT MODELING
Cloud-based applications are frequently hosted in Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) settings, making it difficult for testers to gain access to all areas that require testing. Furthermore, these environments may have varying degrees of control over how data is stored, thereby rendering it more difficult to test different attack scenarios, such as SQL injection attacks or cross-site scripting initiatives, without risking that customer data will be compromised during tests performed by outside parties, such as penetration testers, causing service interruption. Therefore, it is important for both service providers and tenants to securely build their applications using security best practices. Based on the threat models elaborated in the previous section, we provide a detailed explanation of the different approaches that can be used in the DevOps methodology. Each service model, that is, IaaS, PaaS, and SaaS, has its own approach and will be discussed individually to emphasize the different attack vectors that are possible along with a few mitigation techniques [29].

A. IAAS
Infrastructure as a Service (IaaS) is a cloud computing paradigm that allows users to obtain computational resources such as servers, storage, networking, and virtualization on demand.
IaaS is attractive because acquiring computing resources to store data or run complex applications requires time and capital. Moreover, it could take months for the equipment to arrive. Accommodation along with power and cooling should then be made for the equipment. IT professionals should be hired for maintenance and failure management. IaaS also provides a higher degree of management than the other service models. As IaaS provides maximum control over the virtual infrastructure to the user, it is prone to various threats. These have been identified and modeled as shown in Table 2 and are illustrated below:

1) Denial of Service (DoS)
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose substantial dangers in a DevSecOps environment, affecting system and application availability, integrity, and performance. These malicious attacks can interrupt the normal functioning of an organization's infrastructure, resulting in serious repercussions and financial losses. One of the most serious threats posed by DoS and DDoS assaults in DevSecOps environments is the interruption of vital services and operations. Attackers can exhaust a system's capability to serve legitimate requests by overpowering network resources, resulting in service degradation or unavailability. This interruption has a direct influence on the DevSecOps teams' capacity to deploy, monitor, and manage services, making it difficult for them to accomplish business objectives and produce safe software.

Furthermore, DoS and DDoS assaults can exploit weaknesses in the application and network layers, potentially resulting in security breaches. Such attacks can function as decoys, drawing attention away from other hostile operations that target sensitive data or seek to exploit weaknesses in the DevSecOps pipeline. DoS and DDoS assaults have a greater impact in the DevSecOps context, where quick and continuous deployment is a core premise. Organizations are particularly vulnerable to attacks that target the availability of these systems because of the frequent supply of software updates and reliance on linked services. Such attacks can destabilize the efficient distribution of new features, upgrades, or bug patches,
significantly impacting the user experience and possibly damaging a company's reputation.

Load balancers and scalable infrastructure can aid in traffic distribution and attack absorption. Furthermore, frequent vulnerability assessments, penetration testing, and safe coding practices can assist in identifying and addressing vulnerabilities throughout the software development lifecycle. Some tools that can be deployed in DevSecOps are Web Application Firewalls (WAF), Network Traffic Analyzers (NTA), and Application Performance Monitoring (APM), which in turn would help minimize the attack surface for potential DoS and DDoS threats. Overall, organizations must comprehend the damage that DoS and DDoS assaults may cause in a DevSecOps context to build suitable security solutions. Organizations may better safeguard their systems, maintain service availability, and assure the integrity and performance of their software delivery processes by adopting a proactive and comprehensive approach to security.

2) Data Breaches
Data breaches in an infrastructure-as-a-service (IaaS) environment may have serious consequences for DevSecOps concepts. These breaches jeopardize data security, integrity, and availability, thereby putting the secure development and delivery processes at risk. First, data breaches provide unauthorized access to sensitive information such as customer data, intellectual property, or secret algorithms. This undermines the confidentiality of vital assets and can result in significant financial and reputational harm. In a DevSecOps setting, where sensitive data protection is crucial, such breaches weaken the organization's confidence and credibility.

Second, data breaches in the IaaS environment may introduce harmful code or jeopardize the integrity of software deployments. Attackers may use vulnerabilities to insert malware, breach containers, or tamper with software components, which might result in the deployment of compromised or malicious code. Furthermore, data breaches in an IaaS environment may influence service availability and continuous delivery pipelines. DDoS attacks may be launched by attackers, overloading resources and causing service degradation or unavailability. This significantly impairs the DevSecOps teams' ability to successfully deploy, monitor, and manage services, leading to missed deadlines, reduced efficiency, and a detrimental impact on the entire development and delivery lifecycle.

Organizations must prioritize effective security measures to limit the impact of data breaches in an IaaS environment on DevSecOps. Strong access restrictions, encryption techniques, and frequent security audits may aid in protecting data at rest and in transit. Continuous vulnerability assessments, penetration testing, and system log monitoring are required to quickly identify and respond to possible attacks. Furthermore, to ensure a proactive approach to security across development and delivery processes, DevSecOps teams must promote a culture of security awareness and collaboration. The use of tools such as Security Information and Event Management (SIEM) systems, File Integrity Monitoring (FIM), and User and Entity Behavior Analytics (UEBA) would help detect data breaches to ensure the safety of critical data. In conclusion, data breaches in an IaaS context present substantial difficulty for DevSecOps. Organizations may reduce the risk of breaches, protect sensitive information, and ensure the integrity and availability of services in a DevSecOps-driven ecosystem by deploying comprehensive security measures.

3) Server-side Injection
SSIs are directives found in web applications used to populate an HTML page with dynamic content. They are akin to CGIs, with the exception that SSIs are used to perform activities before or during loading of the current page. To accomplish this, the web server evaluates the SSI before delivering content to the user.

Server-side attacks allow the remote execution of arbitrary code or the injection of scripts into HTML pages to exploit an online application. SSI can be abused by modifying the SSI in the application or by forcing its use via user input areas. In either case, the attack will be successful only if the web server allows SSI execution without sufficient validation. This can result in file system and process access and manipulation with the permission of the web server process owner. The attacker has access to sensitive data, such as password files, and can run shell operations. SSI directives are inserted into the input fields and transmitted to the web server. Before displaying the page, the web server parses and executes the directives. The attack result will then be visible the next time the page is loaded into the user's browser.

This SSI attack enables attackers to run arbitrary commands or queries by exploiting the server's implicit trust. SQL, OS command, and LDAP injections are examples of common server-side injections. Attackers may be able to get around authentication, access restricted information, or even take over the entire system by exploiting this vulnerability. To mitigate potential risks and safeguard sensitive data from unauthorized access, it is essential to implement proper input validation and sanitization techniques, use parameterized queries or prepared statements, and regularly update and patch server-side applications. Furthermore, the utilization of tools that help in discovering SSI attacks, such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Runtime Application Self-Protection (RASP), would significantly improve the overall security of the application.
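The input validation and sanitization called for in the server-side injection subsection, as an added Python example that is not code from the paper. The page template, the sample comment and the helper names are constructed for illustration; the directive form `<!--#name attr="value" -->` is the syntax used by SSI-capable servers such as Apache mod_include.

```python
import html
import re
from collections import Counter

# SSI directive as parsed by servers such as Apache mod_include:
#   <!--#name attr="value" -->
# Both patterns are deliberately looser than the server's own parser
# (optional whitespace) so that near-miss variants are flagged as well.
SSI_DIRECTIVE = re.compile(r"<!--\s*#\s*([A-Za-z]+)(.*?)-->", re.DOTALL)
SSI_OPENER = re.compile(r"<!--\s*#")

# Constructed page template: one legitimate directive plus a slot for user input.
PAGE_TEMPLATE = (
    "<html><body>\n"
    '<p>Generated <!--#echo var="DATE_LOCAL" --></p>\n'
    "<p>Comment: {comment}</p>\n"
    "</body></html>\n"
)


def find_directives(text):
    """Return (name, attributes) for every complete SSI directive in text."""
    return [(m.group(1).lower(), m.group(2).strip())
            for m in SSI_DIRECTIVE.finditer(text)]


def is_suspicious_input(value):
    """Input validation: True if a field carries a directive opener,
    even an unterminated one. Ordinary HTML comments are not flagged."""
    return SSI_OPENER.search(value) is not None


def render_unsafe(comment):
    """The 'before': user input is written into the page verbatim, so the
    web server would parse it together with the page's own directives."""
    return PAGE_TEMPLATE.format(comment=comment)


def render_safe(comment):
    """The 'after': HTML-encode user input. '<' becomes '&lt;', so the
    directive opener never reaches the server's SSI parser."""
    return PAGE_TEMPLATE.format(comment=html.escape(comment, quote=True))


def unexpected_directives(page, template=PAGE_TEMPLATE):
    """Pipeline check: directives present in a generated page that the
    template itself does not contain, i.e. ones that arrived via input."""
    expected = Counter(find_directives(template))
    found = Counter(find_directives(page))
    return sorted((found - expected).elements())


if __name__ == "__main__":
    # Constructed sample input; the command is a harmless placeholder.
    sample = 'nice post <!--#exec cmd="echo constructed-sample" -->'
    print("flag input:       ", is_suspicious_input(sample))
    print("unsafe page adds: ", unexpected_directives(render_unsafe(sample)))
    print("safe page adds:   ", unexpected_directives(render_safe(sample)))
```

The same `unexpected_directives` check can run as a build or deployment gate over generated pages, which is where it fits the automated scanning the paper describes.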
FIGURE 6. SSI attack flow

4) Hyper Jacking
Hyperjacking attacks on Infrastructure-as-a-Service (IaaS) in a DevSecOps environment have serious consequences, putting the security and integrity of software development and delivery processes at risk. Unauthorized access to and control of an organization's IaaS infrastructure is referred to as hyperjacking. These attacks can result in serious ramifications. First, hyperjacking compromises the security and privacy of sensitive data stored in an IaaS environment. Attackers may acquire unauthorized access to consumer data, confidential information, or intellectual property, thereby causing severe financial and reputational harm.

Secondly, compromised IaaS resources may be used to conduct additional attacks or to spread malware across the DevSecOps pipeline. To introduce malware, compromise software components, or control the development and deployment process, attackers may use compromised infrastructure. This puts the integrity of the software being built and supplied at risk, making it harder to sustain the ecosystem's dependability and trustworthiness. Furthermore, hyperjacking might influence service availability and the continuous supply pipeline. Attackers may take advantage of the hijacked computers. Attackers may use stolen assets to perform distributed denial-of-service (DDoS) assaults, overloading systems and causing service degradation or total outages. This has a direct influence on DevSecOps’ capacity to provide and maintain services, resulting in missed deadlines, lower productivity, and a detrimental impact on the whole software development lifecycle. Furthermore, in the DevSecOps context, hyperjacking inhibits collaboration and confidence between development, security, and operations teams. Breach incidents require reactive incident response and mitigation activities, diverting significant time and resources away from proactive security measures. This strain on team chemistry impedes efficient communication and makes it difficult to incorporate strong security practices throughout the development process. Organizations must prioritize robust security measures to prevent the impact of hyperjacking

audits all assist in safeguarding against unauthorized access. Data integrity and confidentiality are ensured by employing advanced network monitoring, intrusion-detection systems, and encryption procedures. Popular tools that help detect hyperjacking attacks early include Identity and Access Management (IAM) solutions, Cloud Security Posture Management (CSPM), and Privileged Access Management (PAM). Continuous vulnerability assessments, penetration testing, and timely patch management are required to quickly detect and resolve vulnerabilities. To summarize, hyperjacking attacks on IaaS in the DevSecOps context pose substantial threats to software development, delivery, security, and integrity. Organizations may limit risks, secure sensitive data, and ensure the integrity and availability of services in a DevSecOps-driven ecosystem by deploying rigorous safety protocols.

B. PAAS
PaaS stands for Platform as a Service. PaaS is a cloud computing approach that provides an elastic and scalable cloud platform for building, deploying, executing, and managing applications. PaaS provides developers with everything they need to create applications without the hassles of updating operating systems and development tools or maintaining hardware. Instead, a third-party service provider delivers the entire PaaS environment or platform. Considering the most important threats in a PaaS environment, as listed in Table 3, let us elaborate on each of them.

1) Vulnerable Application code
Vulnerable application code in a platform-as-a-service (PaaS) environment might have a negative impact on DevSecOps principles, reducing the security and dependability of software development and delivery processes. Several hazards occur when the application code has vulnerabilities in a PaaS environment. First, insecure code opens the door for attackers to exploit and infiltrate the program. This can result in unauthorized access, data breaches, or malicious activities within the PaaS platform. Vulnerable code jeopardizes the integrity and confidentiality of important assets and sensitive information in a DevSecOps environment where secure development practices are necessary. Secondly, flaws in the application code may lead to the exploitation of platform flaws or misconfigurations. Insecure code can be used by attackers to circumvent security restrictions, elevate privileges, or obtain unauthorized access to platform resources. Furthermore, in a PaaS environment, insecure application code impedes the agility and efficiency of DevSecOps pipelines. Security problems can cause delays and interruptions in the software development lifecycle, necessitating more time and effort to identify and fix vulnerabilities. This can result in missed deadlines, decreased productivity, and general slowdown in the
56 attacks on DevSecOps in an IaaS environment. Multi-factor delivery of safe software.
57 authentication, rigorous access limits, and frequent security
TABLE II
THREATS AND THEIR POSSIBLE MITIGATION TECHNIQUES IN IAAS MODEL

| Threat/Attack | Target Platform | Consequence | Mitigation methods | Mitigation tools |
|---|---|---|---|---|
| Denial of Service [30] | Network Infrastructure, Servers, IoT devices | Failure to serve legitimate requests due to overwhelming traffic from bots | Methods like security architecture scanning, machine learning, and ACLs for traffic filtering can be used. | Web Application Firewalls (WAF), Network Traffic Analyzers (NTA), and Application Performance Monitoring (APM) |
| Data Breaches [31] | Amazon EC2 based applications | Could lead to heavy financial loss for companies along with leak of highly confidential data | Access rights, individual behavior analysis, and deep learning methods were used to detect. | Security Information and Event Management (SIEM) Systems, File Integrity Monitoring (FIM), and User and Entity Behavior Analytics (UEBA) |
| Server-Side Injection [32] | Irrespective of the Target Platform | Leads to potential access to the organization's assets or data by leveraging faulty semantic SQL commands | Input validation, strong regular expression matching along with DLPD tools help avert SSI attacks. | Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Runtime Application Self-Protection (RASP) |
| Hyper jacking [33] | Any Vulnerable Hypervisor | Provides a weak point in the infrastructure allowing attacks such as DoS, VM Escapes and others targeting cloud environments. | Disabling IP broadcasts, and firewalls, deploying intrusion detection systems, and applying security patches are some ways to mitigate. | Identity and Access Management (IAM) Solutions, Cloud Security Posture Management (CSPM), and Privileged Access Management (PAM) |

Organizations should prioritize rigorous security practices to limit the impact of risky application code in a PaaS environment on DevSecOps. Introducing safe coding practices such as regular code reviews, static and dynamic analysis, and secure coding principles aids in the early detection and mitigation of vulnerabilities. This decreases the chance of insecure code being deployed in a PaaS environment. Second, employing security testing methodologies, such as penetration testing and vulnerability scanning, allows for the detection of flaws and vulnerabilities in the application code. Regular testing promotes continuous progress and the early detection of possible problems. This includes features such as access restrictions, encryption, and logging, all of which can be used to successfully protect deployed applications. In conclusion, insecure application code in a PaaS context poses considerable threats to DevSecOps. Organizations may minimize vulnerabilities and improve the security and dependability of software development and delivery in a PaaS-based DevSecOps environment using safe coding practices, conducting frequent security testing, and cultivating a culture of security awareness. Some tools that help detect vulnerable application code are Interactive Application Security Testing (IAST), Dependency Scanning Tools, and Software Composition Analysis (SCA).

2) Build machine attack
Build machine attacks pose a significant threat to the integrity and security of containerized deployments. When attackers gain the capability to manipulate or exert influence over the building process of container images, they can easily introduce malicious code into the production environment. Such insidious code execution can result in severe consequences including unauthorized access, data breaches, and service disruptions. Moreover, compromising the build environment can serve as a stepping stone for attackers to infiltrate and compromise the manufacturing environment, thereby causing widespread damage. From Figure 7 we can identify the attack zone at the CI server where an image is built. At the time of building, if malware exists within the image, it causes immense damage to the container and application. Assuming that other containers are being built upon the same container, they can penetrate those containers and increase the spread of the attack.

FIGURE 7. Build Machine attack

To mitigate this risk, it is crucial to implement robust security measures, including strict access controls, continuous monitoring, and secure build processes, to safeguard the integrity of the build environment and prevent the inclusion of malicious code in container images.

3) Vulnerable hosts
Vulnerable hosts in a PaaS environment can negatively impact the security and resilience of DevSecOps practices, sacrificing the integrity and availability of software development and delivery processes. Several dangers and issues exist when hosts in a PaaS environment are susceptible. For instance, attackers can exploit insecure hosts to obtain unauthorized access to the underlying infrastructure. This can lead to unauthorized data access, privilege escalation, or jeopardization of crucial resources, and imperils the confidentiality, integrity, and availability of deployed applications and services in a DevSecOps environment, where secure infrastructure is crucial. Second, host vulnerabilities may compromise the entire PaaS system. Attackers may use vulnerabilities to conduct additional attacks, spread malware, or impair platform operation. This puts the stability and security of the DevSecOps pipeline at risk, impeding application deployment, monitoring, and maintenance. In addition, insecure hosts in a PaaS environment make it difficult to maintain secure and compliant architecture. Host configuration flaws, out-of-date software versions, and missing patches can result in security breaches and non-compliance with industry standards and regulations. This endangers sensitive data and exposes organizations to legal and financial implications.

Organizations should prioritize robust security practices to limit the impact of insecure hosts in a PaaS environment on DevSecOps. For a safe and resilient DevSecOps practice, proactive vulnerability management, patch management, and configuration hardening are essential. Access restrictions, network segmentation, logging, monitoring, and intrusion detection systems aid in the discovery and prevention of suspicious behaviors. Organizations may improve the security and reliability of software development and delivery processes in the PaaS-based DevSecOps ecosystem by increasing security awareness and addressing these threats. Further employment of Patch Management Solutions, Secure Shell (SSH) auditing and hardening, and endpoint protection should mitigate most of the risks involved.

4) Exposed Secrets
Exposed secrets in a platform-as-a-service (PaaS) environment pose considerable threats to the sensitive information security and confidentiality of DevSecOps. When secrets such as API keys, passwords, or cryptographic keys are exposed in a PaaS context, several issues and vulnerabilities develop. First, leaked secrets may result in unauthorized access and significant data breaches. Attackers with access to disclosed secrets can use them to obtain unauthorized access to critical components, compromise sensitive data, or conduct harmful actions on the PaaS platform. Exposed secrets jeopardize the confidentiality and integrity of important assets in a DevSecOps environment where data protection is crucial.

Second, disclosed secrets increase the possibility of insider threats. Internal workers or malevolent insiders can utilize secrets available to unauthorized persons or disclosed to the public to obtain unauthorized rights, alter systems, or exfiltrate sensitive data. Exposed secrets may also result in account takeover and unauthorized access to cloud resources. Attackers can impersonate authorized users, acquire control of PaaS resources, and even interrupt software development and delivery processes using exposed credentials or keys. This has an impact on the availability and dependability of services and undermines the key DevSecOps concepts.

Organizations must use secure secret management practices, such as encrypted key vaults and secret management services, to reduce vulnerabilities in a PaaS environment for DevSecOps. Strict access restrictions and robust authentication systems guarantee that only authorized individuals can access and manage secrets. To safeguard sensitive information, avoid hardcoding secrets, use environment variables, and use encryption or hashing methods, along with Secret Management Tools (SMT), credential rotation, and employee training and security awareness programs. Organizations may increase their security posture inside the PaaS-based DevSecOps ecosystem by applying these strategies.

C. SAAS
SaaS stands for software-as-a-service. The software provider owns and maintains the program under the SaaS model, and the consumer does not need to install any software on the computer. In this strategy, software is typically licensed on a subscription basis. To compete, businesses use SaaS to generate money, pivot their products to consumer demand, optimize current apps, innovate, and go to the market swiftly. In short, SaaS leaves full control with the cloud provider and delivers only the final application to the user, who has control over the application but not the underlying technology. Even though most of the infrastructure is maintained at the host's end, there may be some threats that need to be addressed in the SaaS service model, as listed in Table 4. Further elaboration of these threat and attack models is presented below.

TABLE III
THREATS AND THEIR POSSIBLE MITIGATION TECHNIQUES IN PAAS MODEL

| Threat/Attack | Target Platform | Consequence | Mitigation methods | Mitigation tools |
|---|---|---|---|---|
| Vulnerable Application Code [34] | Physical server, a virtual machine, a containerized environment, or a cloud-based platform | The stored data is overwritten with encrypted versions using platform API, which in turn is held for ransom | Static code analysis along with dynamic code analysis are a few inspections to discover stale interfaces of applications | Interactive Application Security Testing (IAST), Dependency Scanning Tools, and Software Composition Analysis (SCA). |
| Build machine Attacks [35] | Mobile applications, web applications | Unexpected code inside data can be automatically and mistakenly triggered | Using safe APIs, different ways to display data and excellent coding practices can reduce the chances | JFrog Xray, TwistLock, Docker Security Scanning. |
| Vulnerable Hosts [36] | Any machine with weak security patches | Leads to the possibility for attackers to get access to an organization's resources or data. | Optimal Scanning Strategy to detect vulnerable hosts with random scanning strategy | Patch Management Solutions, Secure Shell (SSH) Auditing and Hardening |
| Exposed Secrets [37] | Cloud Platforms, Web Applications, Mobile applications, containerized environments | Alters timing of the process and exposes credentials of web applications to illegitimate users | Modification in OS level kernel variables for granular flow along with proof testing API calls | Secret Management Tools (SMT), Credential Rotation |
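
The advice in 4) Exposed Secrets (avoid hardcoding secrets, read them from environment variables) can be enforced as a pipeline check before code reaches the PaaS platform. The following is an added example, not code from the paper: the rule set, the function names and the sample source lines are all constructed for illustration.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line_no: int
    rule: str
    redacted: str  # never the full value: scanner output ends up in CI logs


# Hypothetical rule set for this example: identifiers that usually hold credentials.
SENSITIVE_NAME = (
    r"[A-Za-z0-9_]*(?:password|passwd|secret|token|api_?key|access_?key)[A-Za-z0-9_]*"
)
# NAME = "literal" or name: 'literal' (the literal must directly follow the = or :).
HARDCODED = re.compile(
    r"\b(" + SENSITIVE_NAME + r")\s*[:=]\s*([\"'])(.*?)\2", re.IGNORECASE
)
# os.getenv("NAME", "literal"): an environment lookup with a hardcoded fallback.
ENV_DEFAULT = re.compile(
    r"getenv\(\s*[\"'](" + SENSITIVE_NAME + r")[\"']\s*,\s*([\"'])(.+?)\2\s*\)",
    re.IGNORECASE,
)
PRIVATE_KEY = re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")
# References resolved at deploy time (${VAR}, {{ vault.path }}, <placeholder>).
TEMPLATE_REF = re.compile(r"^(?:\$\{[^}]+\}|\{\{[^}]+\}\}|<[^>]+>)$")


def redact(value: str) -> str:
    """Keep two characters and the length so a reviewer can locate the value."""
    return f"{value[:2]}***({len(value)} chars)"


def scan(source: str) -> List[Finding]:
    """Return one finding per hardcoded secret found in the given source text."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        if PRIVATE_KEY.search(line):
            findings.append(Finding(line_no, "private-key", "<key material>"))
            continue
        for rule, pattern in (
            ("hardcoded-credential", HARDCODED),
            ("env-default-credential", ENV_DEFAULT),
        ):
            for match in pattern.finditer(line):
                value = match.group(3)
                # Empty strings and deploy-time references are not secrets.
                if not value or TEMPLATE_REF.match(value):
                    continue
                findings.append(Finding(line_no, rule, redact(value)))
    return findings


def gate(source: str) -> bool:
    """Pipeline decision: True lets the build continue, False blocks it."""
    return not scan(source)


# Constructed sample input; none of these values is a real credential.
SAMPLE_SOURCE = '''\
import os
DB_PASSWORD = "S3cr3t-Pa55w0rd!"
API_KEY = os.environ["PAYMENTS_API_KEY"]
SMTP_PASSWORD = os.getenv("SMTP_PASSWORD", "fallback-pass-123")
session_token = "{{ vault.session_token }}"
password = ""
-----BEGIN RSA PRIVATE KEY-----
GREETING = "hello world"
'''

if __name__ == "__main__":
    for finding in scan(SAMPLE_SOURCE):
        print(finding)
    print("build allowed:", gate(SAMPLE_SOURCE))
```

Line 4 of the sample is the case that is easy to miss: the code does read an environment variable, but the fallback literal is still a secret committed to the repository.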

1) Ransomware attack
A ransomware attack is most commonly directed at cloud-based email services such as Office 365. Attackers use phishing tactics to acquire access to email accounts, encrypt correspondence, and then demand a ransom. Attackers will also try to mimic the account owner to fool the victim's contacts into installing and spreading the ransomware applications. One such attack observed by cybersecurity firm Obsidian against SharePoint Online (Microsoft 365) revealed how vulnerable SaaS platforms are to these types of attacks. Although these attacks can be mitigated by carefully monitoring all the vulnerabilities in the pipeline or software artifacts, they still pose a major challenge to individuals and organizations. One of the prominent tools and best practices that could be utilized is the AWS Blueprint for Ransomware defense [38].

2) Zero-day attack
A zero-day vulnerability is an unsafe software flaw that developers are unaware of. Cybercriminals can exploit these vulnerabilities through cyber-attacks termed zero-day attacks, resulting in data breaches and data loss across affected organizations. The term "zero-day" alludes to the fact that the nature of the vulnerability is unknown to individuals who are not attackers, notably developers. Once a vulnerability is discovered, the developer must scramble to safeguard users. The software business must produce a patch for the vendor to fix its vulnerability. Zero-day attacks are a serious concern because they are novel (anomalous) assaults that exploit previously discovered system vulnerabilities. One of the best practices for safeguarding applications from these attacks is same-day security patching. Tools such as the AWS custom patch baseline for Critical and Important Security patches can be configured to mitigate all immediate threats.

3) SQL Injection attack
SQL injection is a type of security vulnerability that allows an attacker to modify the SQL query input of an application to execute malicious SQL commands in the database. SQL injection attacks in cloud contexts target web applications hosted on cloud platforms or software that connects with cloud-based databases. These attacks must be properly addressed with multiple security monitoring techniques such as isolation of applications, channel protection, monolithic and distributed implementation, and constant monitoring for anomaly detection. The use of DAST tools such as OWASP ZAP or Burp Suite can help identify vulnerabilities that could lead to SQL injection. Further usage of security libraries such as OWASP ESAPI (Enterprise Security API) could help in validating user input.

4) Authentication issues
Authentication and access management are the major security layers in many organizations. Most user-centric services still use simple authentication involving usernames and passwords, with the notable exception of certain well-developed organizations that have deployed various additional authentication sites like virtual keyboards and shared secret questions, to render common phishing attempts more challenging. These issues become vulnerable sites for adversaries who have used attacks such as the man in the middle, key logger, and phishing. Therefore, strengthening application security is important for developers; however, adapting to best-securing techniques remains a challenging task. Today there are multiple tools offered by many third-party services, including Single Sign-On (SSO) solutions such as Okta, Azure Active Directory, and Auth0, and Identity and Access Management (IAM) tools such as AWS IAM or Google Cloud IAM, which help manage user access permissions and enforce the principle of least privilege. Further implementation of logging and monitoring using tools such as ELK Stack (Elasticsearch, Logstash, and Kibana) to track and investigate authentication-related events could help minimize authentication issues.

Penetration testing is one of the most prominent security techniques in SaaS applications. However, this brings about some major problems. The first is to determine how SaaS applications differ from traditional on-premise systems. As these cloud-native applications offer multitenancy and shared services, the complexity of the systems increases. Therefore, organizations lack the knowledge and infrastructure to evaluate backend security systems [39].
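
The mechanism described in 3) SQL Injection attack, and the input validation the paper recommends against it, can be seen by running the same lookup two ways. This is an added example, not code from the paper: the table, the user names and the input string are constructed, and Python's built-in sqlite3 module stands in for a cloud-hosted database.

```python
import re
import sqlite3

# Allowlist for user names (an assumption of this example). It permits the
# apostrophe because real names contain it, so validation alone cannot be
# the only defense: the query must also bind its input.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.'-]{1,32}")

# Constructed input whose quote characters change the query's structure
# when it is concatenated into the SQL text.
INJECTED = "nobody' OR '1'='1"


def make_db() -> sqlite3.Connection:
    """In-memory database with three constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("O'Brien", "user")],
    )
    return db


def find_user_vulnerable(db: sqlite3.Connection, name: str):
    # Vulnerable form: the input becomes part of the SQL statement itself.
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def find_user_parameterized(db: sqlite3.Connection, name: str):
    # Hardened form: the statement is fixed and the input is bound as data.
    return db.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


def lookup(db: sqlite3.Connection, name: str):
    """Validate against the allowlist first, then run the bound query."""
    if not USERNAME_RE.fullmatch(name):
        raise ValueError("invalid user name")
    return find_user_parameterized(db, name)


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", find_user_vulnerable(db, INJECTED))      # every row
    print("parameterized:", find_user_parameterized(db, INJECTED))  # no rows
    print("legitimate apostrophe:", lookup(db, "O'Brien"))
```

The concatenated form also fails on the legitimate name O'Brien with a syntax error, which is often how this class of flaw first shows up in application logs.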

TABLE IV
THREATS AND THEIR POSSIBLE MITIGATION TECHNIQUES IN SAAS MODEL

| Threat/Attack | Target Platform | Consequence | Mitigation methods | Mitigation tools |
|---|---|---|---|---|
| Ransomware [40] | AWS S3-based applications | The stored data is overwritten with encrypted versions using platform API, which in turn is held for ransom | Usage of repeated decryption techniques like AES to mitigate the attack | AWS Blueprint for Ransomware Defense. |
| Zero-day attack [41] | Google Cloud platform. | Could lead to the infiltration of malware, spyware, or unwanted access to user information | Using decoy systems like honeypots, constant monitoring, and network behavioral analysis | AWS custom patch baseline for Critical and Important Security patches |
| SQL Injection attack [42] | Any application which uses SQL server | Leads to potential access to the organization's assets or data by the attackers. | Adapting feature engineering and machine learning techniques like Random Forest and AdaBoost classifier to detect malicious codes | OWASP ZAP and Burp Suite |
| Authentication issues [43] | Any application with keys and password protection | Provides a weak point in the application for the attackers to target, using tools like a keylogger. | Usage of multi-factor authentication methods, further usage of Access management controls to prevent unauthorized access | Okta, Azure Active Directory, Auth0, AWS IAM |

VI. APPLICATIONS AND USE CASES
The aim of this paper was to educate the reader on the whole background about what it takes to deliver uncompromised software right from the development phase. There are many applications of DevOps, but those of DevSecOps are few because security is a time-consuming activity. This can be easily demonstrated by reports presented in the introduction of this paper. Not only is security a time-consuming process, but it is also an elaborate one. Only a few security personnel are capable of performing complex security tasks that encompass all aspects related to security. Nevertheless, security is now considered an add-on feature and is maintained as a last-minute activity. Use cases exist not only in the corporate world but also in the Operation Technology (OT) industry. Many manufacturers are now switching to smart appliances and machines connected to networks. This is a big boost in terms of availability, remote access, and providing accurate system metrics that eventually aid in repair and maintenance. A few of the applications and their use cases are provided below:

DevOps in the IT World:
DevOps, a successful technique, lays the groundwork for increased productivity, efficiency, and shorter cycle times by integrating development and operation teams. This finding broadens its relevance to numerous domains within the IT industry.

Corporate World and Operation Technology (OT) Industry:
DevSecOps use cases expand beyond the corporate environment and into Operation Technology (OT) business.
FIGURE 8. Threats and possible attacks in different Service models

Manufacturers in this business are increasingly embracing smart appliances and network-connected devices. These developments provide advantages such as increased availability, remote access, and precise system metrics, allowing for more effective repair and maintenance operations.

Threat Model Analysis:
A threat model analysis is critical for developing appropriate responses to diverse attack scenarios. Threat models define the circumstances, consequences, and viable mitigation and response strategies of attacks. Organizations may make well-informed decisions regarding the infrastructure and platforms on which their software runs by analyzing threat models.

DevSecOps Pipeline:
The DevSecOps pipeline is a condensed set of strategies and methodologies that simplifies security practices. Organizations of any size can achieve security success in a variety of scenarios by combining a threat model analysis with a DevSecOps pipeline. Proven solutions and practices have become ingrained as standard processes, propelling the field forward.

An elaborate understanding of the connection between DevSecOps and threat models can potentially disrupt outdated security practices. This integration unlocks new possibilities in the domains of cybersecurity and digital forensics, leading to enhanced security measures in the IT industry.

FIGURE 9. Th Cybersecurity in OT adapted from [44]

VII. CHALLENGES
A major shift to DevOps has occurred owing to the introduction of cloud computing. This revolutionized the SDLC life cycle, as many organizations shifted from on-premise to cloud, minimizing the number of physical resources required. However, this comes with some major challenges, such as interoperability, costing model, security, and compliance [45]. Owing to the major security challenges in product development, DevSecOps was introduced to ensure that security practices, such as vulnerability scanning, code analysis, and compliance checks, are integrated into the development, testing, and deployment processes that require careful planning and coordination. Furthermore, in recent years, the increased adoption of cloud services and the interconnected nature of
modern applications have expanded the attack surface, making it more difficult to defend against cyber threats [46]. As a result, organizations are forced to adopt a multi-layered security approach to safeguard their DevSecOps pipelines. Monitoring the DevSecOps pipeline for potential vulnerabilities, anomalies, and unauthorized access is crucial and is accompanied by several challenges:

Cultural shift: DevSecOps brings about a major cultural shift, necessitating communication between Development, Operations, and Security teams. This is a major challenge as it changes the processes and mindsets of individuals.
Real-time Incident Response: Responding to security incidents and performing forensics in a fast-paced DevSecOps environment can be difficult owing to the need for quick decisions and actions.
API Security: Managing access control for third-party services and implementing secure authorization and authentication mechanisms for APIs presents significant security challenges.
Latency: As DevOps emphasizes the rapid development and deployment of applications, incorporating security may slow down rapid deployment and introduce delays in final production.
Continuous Monitoring: Implementing continuous monitoring practices and tools to detect and respond to security incidents in real time is a challenge that requires expertise and robust monitoring solutions.
Financial challenges: DevSecOps requires an efficient security team that can collaborate with the development and operations teams, which creates new roles in the industry, and subsequently organizations have to spend a higher amount of money to ensure the smooth run of the entire code pipeline.
Compliance and Regulation: It might be difficult to adhere to industry rules and meet security compliance requirements when development and deployment cycles are fast-paced.
Security on a large scale: Employing industry-standard security practices across multiple projects, teams, and organizations would be challenging.

Finally, safeguarding the DevSecOps pipeline is a continuous activity that necessitates a mix of technological solutions, competent individuals, and a proactive security attitude. Organizations may limit risks, secure sensitive data, and maintain the integrity and availability of their applications and infrastructure by regularly analyzing and updating security measures.

VIII. CONCLUSION
The core focus of this study revolves around the meticulous detailing of threat models within the realm of DevSecOps, bolstering the security pipeline. In this emerging field, cyber security enthusiasts have found new horizons to explore and unlock vast opportunities. Understanding the essence of DevSecOps and how it operates within organizations has become a pivotal milestone in fortifying cyber security awareness and defense. These comprehensive threat models encompass an array of potential attacks and present worst-case scenarios to familiarize companies with potential dangers to their valuable assets. As no software can be claimed to be 100% secure, the strength of a product's cyber security lies in its ability to fortify the weakest link within it. By ensuring fault-proof and resilient code that can handle unexpected errors or exceptions, organizations can significantly mitigate risks and safeguard against potential threats. In closing, we encourage readers to delve deeper into the burgeoning concept of DevSecOps to fully grasp its remarkable capabilities. By embracing DevSecOps practices, organizations can effectively bolster their security posture, ensuring robust and proactive defense against evolving cyber threats.

REFERENCES
1. N. Tomas, J. Li, and H. Huang, "An empirical study on culture, automation, measurement, and sharing of devsecops," 06 2019, pp. 1–8.
2. Cybersecurity insiders. https://www.cybersecurity-insiders.com/wp-content/uploads/2021/06/2021-Insider-Threat-Report-Gurucul-Final-dd8f5a75.pdf Accessed July 4, 2023.
3. "Gartner identifies the top cybersecurity trends for 2023," Gartner, https://www.gartner.com/en/newsroom/press-releases/04-12-2023-gartner-identifies-the-top-cybersecurity-trends-for-2023 (accessed Jul. 4, 2023).
4. Battina, Dhaya Sindhu. "Best Practices for Ensuring Security in Devops: A Case Study Approach." International Journal of Innovations in Engineering Research and Technology 4, no. 11 (2017): 38-45.
5. Putra, Agung Maulana, and Herman Kabetta. "Implementation of DevSecOps by Integrating Static and Dynamic Security Testing in CI/CD Pipelines." In 2022 IEEE International Conference of Computer Science and Information Technology (ICOSNIKOM), pp. 1-6. IEEE, 2022.
6. The state of devsecops report - contrast security. Accessed July 12, 2023. https://www.contrastsecurity.com/hubfs/DocumentsPDF/The-State-of-DevSecOpsReportFinal.pdf.
7. "What Is DevSecOps? | IBM." n.d. Www.ibm.com. https://www.ibm.com/topics/devsecops.
8. "DevSecOps Market Size, Share, Trends and Industry Analysis." MarketsandMarkets. Accessed July 12, 2023. https://www.marketsandmarkets.com/Market-Reports/devsecops-market-122458587.html.
9. Sun, Xiaohan, Yunchang Cheng, Xiaojie Qu, and Hang Li. "Design and Implementation of Security Test Pipeline Based on DevSecOps." In 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), vol. 4, pp. 532-535. IEEE, 2021.
10. Mahboob, Jamal, and Joel Coffman. "A kubernetes ci/cd pipeline with asylo as a trusted execution environment abstraction framework." In 2021 IEEE 11th Annual
Computing and Communication Workshop and Conference (CCWC), pp. 0529-0535. IEEE, 2021.
11. Yasar, Hasan. "Experiment: Sizing exposed credentials in github public repositories for ci/cd." In 2018 IEEE Cybersecurity Development (SecDev), pp. 143-143. IEEE, 2018.
12. Putra, Agung Maulana, and Herman Kabetta. "Implementation of DevSecOps by Integrating Static and Dynamic Security Testing in CI/CD Pipelines." In 2022 IEEE International Conference of Computer Science and Information Technology (ICOSNIKOM), pp. 1-6. IEEE, 2022.
13. Bajpai, Pranshu, and Adam Lewis. "Secure Development Workflows in CI/CD Pipelines." In 2022 IEEE Secure Development Conference (SecDev), pp. 65-66. IEEE, 2022.
14. Ramaj, Xhesika. "A DevSecOps-enabled framework for risk management of critical infrastructures." In Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: Companion Proceedings, pp. 242-244. 2022.
15. McZara, Jason, Subash Kafle, and Daniel Shin. "Modeling and analysis of dependencies between microservices in devsecOps." In 2020 IEEE International Conference on Smart Cloud (SmartCloud), pp. 140-147. IEEE, 2020.
16. Aljohani, Mohammad A., and Sultan S. Alqahtani. "A Unified Framework for Automating Software Security Analysis in DevSecOps." In 2023 International Conference on Smart Computing and Application (ICSCA), pp. 1-6. IEEE, 2023.
17. Ibrahim, Amr, Ahmed H. Yousef, and Walaa Medhat. "DevSecOps: A Security Model for Infrastructure as Code Over the Cloud." In 2022 2nd International Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC), pp. 284-288. IEEE, 2022.
18. Sojan, Arun, Ranjit Rajan, and Pasi Kuvaja. "Monitoring solution for cloud-native DevSecOps." In 2021 IEEE 6th International Conference on Smart Cloud (SmartCloud), pp. 125-131. IEEE, 2021.
19. Díaz, Jessica, Jorge E. Pérez, Miguel A. Lopez-Peña, Gabriel A. Mena, and Agustín Yagüe. "Self-service cybersecurity monitoring as enabler for devsecops." Ieee Access 7 (2019): 100283-100295.
20. Carturan, Sara, and Denise Goya. "Major Challenges of
22. Pecka, Nicholas Stephen. "Making secure software insecure without changing its code: The possibilities and impacts of attacks on the DevOps pipeline." PhD diss., Iowa State University, 2022.
23. Kivioja, Sini. "INFORMATION SECURITY THREAT AND RISK ASSESSMENTS IN DEVOPS." Information Technology (2022).
24. Bodeau, Deborah J., Catherine D. McCollum, and David B. Fox. "Cyber threat modeling: Survey, assessment, and representative framework." Mitre Corp, Mclean (2018).
25. Saitta, Paul, Brenda Larcom, and Michael Eddington. "Trike v. 1 methodology document [draft]." URL: http://dymaxion. org/trike/Trike v1 Methodology Documentdraft. pdf (2005).
26. Shevchenko, Nataliya, Timothy A. Chick, Paige O'Riordan, Thomas P. Scanlon, and Carol Woody. Threat modeling: a summary of available methods. Carnegie Mellon University Software Engineering Institute Pittsburgh United States, 2018.
27. Abbas, Syed Ghazanfar, Shahzaib Zahid, Faisal Hussain, Ghalib A. Shah, and Muhammad Husnain. "A threat modelling approach to analyze and mitigate botnet attacks in smart home use case." In 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE), pp. 122-129. IEEE, 2020.
28. Shevchenko, Nataliya. "Threat Modeling: 12 Available Methods." Carnegie Mellon University, Software Engineering Institute's Insights (blog). Carnegie Mellon's Software Engineering Institute, December 3, 2018. https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/.
29. Bhardwaj, Aanshi, Veenu Mangat, Renu Vig, Subir Halder, and Mauro Conti. "Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions." Computer Science Review 39 (2021): 100332.
30. Cheng, Long, Fang Liu, and Danfeng Yao. "Enterprise data breach: causes, challenges, prevention, and future directions." Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery 7, no. 5 (2017): e1211.
31. Dalai, Asish Kumar, and Sanjay Kumar Jena. "Neutralizing SQL injection attack using server side code modification in web applications." Security and
44 Systems-of-Systems with Cloud and DevOps–a Communication Networks 2017 (2017).
45 financial experience report." In 2019 IEEE/ACM 7th 32. Venkata Subramanian, N., N. Saravanan, and V. S.
46 International Workshop on Software Engineering for Shankar Sriram. "Survey on Mitigation Techniques of
Systems-of-Systems (SESoS) and 13th Workshop on Virtualization Technique." ARPN J. Eng. Appl. Sci 12,
47
Distributed Software Development, Software no. 2 (2017).
48
Ecosystems and Systems-of-Systems (WDES), pp. 10- 33. Ponta, Serena Elisa, Henrik Plate, and Antonino Sabetta.
49 17. IEEE, 2019. "Detection, assessment and mitigation of vulnerabilities
50 21. Cankar, Matija, Nenad Petrovic, Joao Pita Costa, Ales in open source dependencies." Empirical Software
51 Cernivec, Jan Antic, Tomaz Martincic, and Dejan Engineering 25, no. 5 (2020): 3175-3215.
52 Stepec. "Security in DevSecOps: Applying Tools and 34. Jin, Xing, Xunchao Hu, Kailiang Ying, Wenliang Du,
53 Machine Learning to Verification and Monitoring Heng Yin, and Gautam Nagesh Peri. "Code injection
54 Steps." In Companion of the 2023 ACM/SPEC attacks on html5-based mobile apps: Characterization,
55 International Conference on Performance Engineering, detection and mitigation." In Proceedings of the 2014
56 pp. 201-205. 2023. ACM SIGSAC Conference on Computer and
57 Communications Security, pp. 66-77. 2014.
58
59 For Review Only
60
Page 21 of 20 IEEE Access
1
2
PRIYANSH MATHUR is a student at PES University, currently pursuing a Bachelor's degree in Computer Science and Engineering. He is interested in fields comprising Deep Learning, Cloud Computing and Internet of Things (IoT).

PRATHAM MANJA is currently an undergraduate in Computer Science and Engineering, PES University. His research interests include software engineering, AI (machine learning and deep learning), the Internet of Things, and Cloud Computing.

PRASAD B HONNAVALLI received an MBA from the University of Melbourne, Australia, and a B.E. from UVCE, Bangalore University. He is currently working as a professor in the Department of Computer Science and Engineering. His research focus includes all aspects of Information Security, Networks and Internet of Things. Prasad B Honnavalli is the Director of the PESU Centre for Information Security, Forensics and Cyber Resilience (C-ISFCR) and the PESU Centre for Internet of Things (C-IoT). He is a member of IEEE, ACM and PMI.

NAGASUNDARI S received a Ph.D. degree in the Faculty of Information and Communication Engineering from Anna University, India. She is currently working as an Associate Professor in the Department of Computer Science and Engineering and is associated with the Research Centre for Information Security, Forensics and Cyber Resilience. She is an Associate Member of the Institution of Engineers, India, and a member of the Cloud Security Alliance, Bangalore Chapter. Her research interests include Cloud Security and IoT Security.