What is DevSecOps?

The simple premise of DevSecOps is that everyone in the software development life cycle

is responsible for security, in essence bringing operations and development together

with security functions. DevSecOps aims to embed security in every part of the development process.

It is about trying to automate core security tasks by embedding security controls and processes early

in the DevOps workflow (rather than being bolted on at the end). For example, this could be the case when

migrating to microservices, building out a CI/CD pipeline, compliance automation or simply testing cloud infrastructure.


this notes summary of devsecops