First there came DevOps, in which processes between software development and IT teams were automated to speed up the building, testing, and release of software.
Then with bad actors using automated vulnerability-finding tools, eagle-eyed regulators closely watching for data breaches, and code breaking regularly, DevSecOps was next.
The DevSecOps practice or philosophy involves introducing security earlier in the life cycle of application development. Getting it right is not easy, however.
As John Yeoh, VP of research for the Cloud Security Alliance notes: “The security risks inherent in today’s intricate interactions between multiple technology layers, coupled with the globally interconnected and always-on nature of today’s