SlideShare a Scribd company logo

DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and challenges

M
Mohamed Nizzad

The document discusses DevSecOps as an evolution of DevOps that integrates security into the software development lifecycle. It outlines characteristics, practices, and benefits, such as improved code quality and reliability. Additionally, it highlights various implementation models and the challenges of adopting DevSecOps in organizations.

Technology
Related topics:
Insights on Software Development • agile-software-development • Information Security • Amazon Web Services
1 of 13
1
2
Most read
3
Most read
4
Most read
5
6
7
8
9
10
11
12
13
DevSecOps A.R.M. NIZZAD CTO | SENIOR LECTURER | RESEARCHER | SOFTWARE ENGINEER | DIGITAL MEDIA STRATEGIST | TECHNICAL W RITER | FREELANCER
Outline DevOps DevSecOps Characteristics Practices Benefits Implementation Challenges
DevOps DevOps is a set of practices that works to automate and integrate the processes between software development and IT teams, so they can build, test, and release software faster and more reliably
DevSecOps DevSecOps is a further development of the DevOps concept that, besides automation, addresses the issues of code quality and reliability assurance.
DevSecOps Characteristics DevOps Culture Automation Measurement Sharing
DevSecOps Practices • Threat modeling and risk assessments • Continuous testing • Monitoring and logging • Security as code • Red-Team and security drills
Benefits of Implementing DevSecOpsSHIFTING SECURITY TO THE LEFT AUTOMATING SECURITY VALUE
Implementing DevSecOps Different Security implementation models have been proposed by researchers and experts in the field of Security with respect to DevSecOps. • Three pillars of a DevSecOps model • OWASP DevSecOps Maturity Model • Deloitte’s transformational pillars in DevSecOps
Three pillars of a DevSecOps model • Test-driven security • Monitoring and responding to attacks • Assessing risks and maturing security
OWASP DevSecOps Maturity Model LEVEL 1: BASIC UNDERSTANDING OF SECURITY PRACTICES LEVEL 2: ADOPTION OF BASIC SECURITY PRACTICES LEVEL 3: HIGH ADOPTION OF SECURITY PRACTICES LEVEL 4: ADVANCED DEPLOYMENT OF SECURITY PRACTICES AT SCALE
Deloitte’s transformational pillars in DevSecOps Governance People Technology Process
Challenges in implementing DevSecOpsKEEPING UP WITH DEVOPS ORGANIZATIONAL CHALLENGES TOOLS AND PRACTICES
DevOps is not a Goal, But a never-ending process of continual Improvement Thank you

More Related Content

PPTX
DEVSECOPS.pptx
MohammadSaif904342
 
PDF
Security Process in DevSecOps
Opsta
 
PPTX
Benefits of DevSecOps
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
PDF
DevSecOps Implementation Journey
DevOps Indonesia
 
PDF
DevSecOps What Why and How
NotSoSecure Global Services
 
PPTX
How to Get Started with DevSecOps
CYBRIC
 
PDF
Demystifying DevSecOps
Archana Joshi
 
PPTX
DevSecOps reference architectures 2018
Sonatype
 
DEVSECOPS.pptx
MohammadSaif904342
 
Security Process in DevSecOps
Opsta
 
Benefits of DevSecOps
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
DevSecOps Implementation Journey
DevOps Indonesia
 
DevSecOps What Why and How
NotSoSecure Global Services
 
How to Get Started with DevSecOps
CYBRIC
 
Demystifying DevSecOps
Archana Joshi
 
DevSecOps reference architectures 2018
Sonatype
 

What's hot (20)

PDF
DevSecOps 101
Narudom Roongsiriwong, CISSP
 
PDF
DevSecOps: What Why and How : Blackhat 2019
NotSoSecure Global Services
 
PPTX
DevSecOps : an Introduction
Prashanth B. P.
 
PDF
The State of DevSecOps
DevOps Indonesia
 
PDF
2019 DevSecOps Reference Architectures
Sonatype
 
PDF
DevSecOps | DevOps Sec
Rubal Jain
 
PPTX
DevOps
Gehad Elsayed
 
PDF
Introduction to DevSecOps
Setu Parimi
 
PPTX
Introduction to DevSecOps
abhimanyubhogwan
 
PDF
DevSecOps in Baby Steps
Priyanka Aash
 
PDF
DevSecOps and the CI/CD Pipeline
James Wickett
 
PDF
DevSecOps The Evolution of DevOps
Michael Man
 
PPTX
ABN AMRO DevSecOps Journey
Derek E. Weeks
 
PPTX
DevOps Introduction
Robert Sell
 
PDF
Practical DevSecOps Course - Part 1
Mohammed A. Imran
 
PPTX
DevOps introduction
Christian F. Nissen
 
PDF
Introduction to DevOps
Ravindu Fernando
 
PPTX
DevOps 101
Ernest Mueller
 
PDF
Shift Left Security
BATbern
 
PPTX
DevOps introduction
Mettje Heegstra
 
DevSecOps 101
Narudom Roongsiriwong, CISSP
 
DevSecOps: What Why and How : Blackhat 2019
NotSoSecure Global Services
 
DevSecOps : an Introduction
Prashanth B. P.
 
The State of DevSecOps
DevOps Indonesia
 
2019 DevSecOps Reference Architectures
Sonatype
 
DevSecOps | DevOps Sec
Rubal Jain
 
DevOps
Gehad Elsayed
 
Introduction to DevSecOps
Setu Parimi
 
Introduction to DevSecOps
abhimanyubhogwan
 
DevSecOps in Baby Steps
Priyanka Aash
 
DevSecOps and the CI/CD Pipeline
James Wickett
 
DevSecOps The Evolution of DevOps
Michael Man
 
ABN AMRO DevSecOps Journey
Derek E. Weeks
 
DevOps Introduction
Robert Sell
 
Practical DevSecOps Course - Part 1
Mohammed A. Imran
 
DevOps introduction
Christian F. Nissen
 
Introduction to DevOps
Ravindu Fernando
 
DevOps 101
Ernest Mueller
 
Shift Left Security
BATbern
 
DevOps introduction
Mettje Heegstra
 
Ad

Similar to DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and challenges (20)

PPTX
DevSecOps-Explained-converted.pptx
Gurajalanaganarasimh
 
PPTX
The Importance of DevOps Security and the Emergence of DevSecOps
Dev Software
 
PPTX
DevSecOps Training Bootcamp - A Practical DevSecOps Course
Tonex
 
PPTX
What is devsecops and what is the characteristics of it
amalsalah25
 
PDF
DevSecOps Implement Making Security Central to Your DevOps Pipeline
Enov8
 
PPTX
DevSecOps: Integrating Security Into DevOps! {Business Security}
Algoworks Inc
 
PPTX
DevOps DevSecOps Based on Training Materials
RifqiMultazamOfficia
 
PPTX
Dev secops indonesia-devsecops as a service-Amien Harisen
Nadira Bajrei
 
PDF
You build it - Cyber Chicago Keynote
John Willis
 
PPTX
Introduction to DevSecOps OWASP Ahmedabad
kunwaratul hax0r
 
PDF
Why Security Engineer Need Shift-Left to DevSecOps?
Najib Radzuan
 
PDF
The Challenges of Scaling DevSecOps
WhiteSource
 
PPTX
DevSecOps Integrating Security in to the DevOps Lifecycle
Robert Risch
 
PPTX
Devsec ops
VipinYadav257
 
PDF
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
 
PDF
The Rise of DevSecOps in CI_CD Workflows.pdf
your techdigest
 
PPTX
How DevSecOps Can Help You Deliver Software Faster and Safer.pptx
Dev Software
 
PPTX
Devops
penetration Tester
 
PPTX
Ensuring Secure and Efficient Operations with DevOps Security
Dev Software
 
PDF
Why You Should Implement DevSecOps Approach?
Enov8
 
DevSecOps-Explained-converted.pptx
Gurajalanaganarasimh
 
The Importance of DevOps Security and the Emergence of DevSecOps
Dev Software
 
DevSecOps Training Bootcamp - A Practical DevSecOps Course
Tonex
 
What is devsecops and what is the characteristics of it
amalsalah25
 
DevSecOps Implement Making Security Central to Your DevOps Pipeline
Enov8
 
DevSecOps: Integrating Security Into DevOps! {Business Security}
Algoworks Inc
 
DevOps DevSecOps Based on Training Materials
RifqiMultazamOfficia
 
Dev secops indonesia-devsecops as a service-Amien Harisen
Nadira Bajrei
 
You build it - Cyber Chicago Keynote
John Willis
 
Introduction to DevSecOps OWASP Ahmedabad
kunwaratul hax0r
 
Why Security Engineer Need Shift-Left to DevSecOps?
Najib Radzuan
 
The Challenges of Scaling DevSecOps
WhiteSource
 
DevSecOps Integrating Security in to the DevOps Lifecycle
Robert Risch
 
Devsec ops
VipinYadav257
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
 
The Rise of DevSecOps in CI_CD Workflows.pdf
your techdigest
 
How DevSecOps Can Help You Deliver Software Faster and Safer.pptx
Dev Software
 
Devops
penetration Tester
 
Ensuring Secure and Efficient Operations with DevOps Security
Dev Software
 
Why You Should Implement DevSecOps Approach?
Enov8
 
Ad

Recently uploaded (20)

PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
August Patch Tuesday
Ivanti
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
August Patch Tuesday
Ivanti
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 

DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and challenges