Building an effective DevSecOps Operating Model takes some effort to align people, process and technolgy so that it meets the needs of securing business workloads. In this way, it is imperative for DevOps teams to build and ship secure software.
- It's not just revision control
- Make use of Bug Tracking & Ticketing Systems
- Peer Review of changes before they happen
- Establish infrastructure code patterns and designs
- Test infrastructure changes like code changes
- Programmatically test environments
- Determine State at a specific point in time
- Repeatable processes
- Scalable operations
- Easy automation
- Auditable
- Easy to iterate
- Environmental consistency
- Operations
- Developers
- Red Team
- Blue Team
- Security