Revisit security in the era of DevOps: An evidence‐based inquiry into DevSecOps industry
By adopting agile and lean practices, DevOps aims to achieve rapid value delivery by speeding up development and deployment cycles, which however lead to more security concerns that cannot be fully addressed by an isolated security role only in the final
Xin Zhou +7 more
doaj +2 more sources
The Test Pyramid 2.0: AI-assisted testing across the pyramid [PDF]
Ensuring robust test coverage, high code quality, and a strong security posture are persistent challenges in modern industrial software development, especially as systems grow in complexity and release cycles accelerate with recent Artificial ...
Priyank Desai +2 more
doaj +2 more sources
Factors influencing the adoption of secure software engineering practices in pre-adoption and post-adoption phases [PDF]
Secure software engineering (SSE) is inevitably linked to DevSecOps which aims to embed security at every phase of the software development life cycle.
Anže Mihelič +2 more
doaj +2 more sources
Quantitative DevSecOps Metrics for Cloud-Based Web Microservices
The widespread adoption of Cloud-Based Web Microservices (CBWMs) and DevSecOps (Development, Security, and Operations) methodologies has significantly improved modern software development, particularly regarding scalability, agility, and security ...
Jin Yu Zhang
exaly +3 more sources
PASTA-4-PHT: a pipeline for automated security and technical audits for the personal health train [PDF]
Background With the introduction of data protection regulations, the need for innovative privacy-preserving approaches to process and analyse sensitive data has become apparent. One approach is the Personal Health Train (PHT) that brings analysis code to
Sascha Welten +9 more
doaj +2 more sources
Automated, secure software development is an important digitalization task, solved with the DevSecOps approach. An important part of the DevSecOps approach is continuous risk assessment, which is necessary to identify and evaluate risk factors. Combining
Abed Saif Ahmed Alghawli +1 more
exaly +3 more sources
Powerful authentication regime applicable to naval OFP integrated development (PARANOID): a vision for non-circumventable code signing and traceability for embedded avionics software [PDF]
Purpose – This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong ...
Joe Garcia +5 more
doaj +1 more source
ВИКОРИСТАННЯ ПІДХОДУ DEVSECOPS ДЛЯ АНАЛІЗУ СУЧАСНИХ ЗАГРОЗ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ
У даній статті подано дослідження використання підходу DevSecOps для аналізу сучасних загроз. Визначення методології для реалізації та адаптації DevSecOps підходу.
Vitalii Susukailo
doaj +1 more source
АНАЛІЗ МЕТОДОЛОГІЇ DEVSECOPS В ПРОЦЕСАХ РОЗРОБКИ ПРОГРАМНОГО ЗАБЕЗПЕЧЕННЯ
Предметом дослідження в статті є методологія розробки і захисту програмного забезпечення в рамках DevSecOps. Дана методологія змінила підхід до забезпечення безпеки з реактивного на проактивний, а також підкреслює важливість забезпечення безпеки на всіх ...
Andrii Oleksandrovich Hapon +4 more
doaj +1 more source
INTEGRACIÓN Y DESPLIEGUE CONTINUO CON DEVOPS COMO CULTURA EN EMPRESAS DEL SECTOR TI COLOMBIANAS
Continuous integration and deployment are practices that have allowed the software development cycle to behave in amore agile way, thanks to the fact that they constantly provide the possibility of automating processes in order to improvetimes and ...
Gilberth Nick Cruz González +1 more
doaj +1 more source

