• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

Cybersecurity Market

Cybersecurity Technologies & Markets

  • Cyber Security Events 2023-2024
  • Market Reports
  • Sponsored Post
  • Make a Contribution
  • About
  • Contact

“The Six Pillars of DevSecOps” Report identifies areas critical to successful DevSecOps integration within an organization

August 8, 2019 By admin

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced the release of The Six Pillars of DevSecOps. The paper, created by CSA’s DevSecOps Working Group, aims to ensure that DevSecOps is part of a well-thought out design principle — rather than a bolted-on afterthought — to enhance an organization’s overall security posture.

“The security risks inherent in today’s intricate interactions between multiple technology layers, coupled with the globally interconnected and always-on nature of today’s applications, have been compounded by vulnerabilities lying dormant in systems, software, and hardware. The result is a field ripe for picking by malicious parties across the world,” said John Yeoh, VP of Research for the Cloud Security Alliance. “This report should serve as a springboard for organizations wanting to address the challenges of today’s interconnected, rapidly changing security environment with increasingly shortened infrastructure and product life cycles.”

The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue to strain enterprises’ ability to detect and identify exploitable flaws in a timely manner. While this creates significant increases in overall security risk, organizations that build security into the software lifecycle have better outcomes. To facilitate this, CSA’s DevSecOps Working Group defined the following six areas of focus that are critical to integrating DevSecOps into an organization:

Collective responsibility: Everyone has their own security responsibility and must be aware of their own contribution to the organization’s security stance. Edge users and developers are not just “security-aware” but are the first line of defense.

Collaboration and integration: A security-aware and collaborative culture is necessary for the members of all functional teams to report potential anomalies.

Pragmatic implementation: Taking a framework-agnostic, digital security and privacy model that focuses on application development will allow organizations to approach security in DevOps pragmatically.

Bridging compliance and development: The key to addressing the gap between compliance and development is to translate applicable controls to appropriate software measures and identifying inflection points within the software lifecycle where these controls can be automated and measured.

Automation: Software quality can be enhanced by improving the thoroughness, timeliness and frequency of testing/feedback. Processes that can be automated should be, and those that can’t should be considered for elimination.

Measure, monitor, report and action: For DevSecOps to succeed, software development and post-delivery results must be continuously measured, monitored, reported and acted upon by the right people at the right time.

The CSA DevSecOps Working Group works to create a transparent and full-circle management lifecycle that leverages all the components of DevSecOps to ensure timely and full-functioning application deployment with proper security steps through every process.

Download the full report https://cloudsecurityalliance.org/artifacts/six-pillars-of-devsecops.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org

Filed Under: Cybersecurity Market

Primary Sidebar

Market Analysis

How insurers thrive in a turbulent market
Leveraging Artificial Intelligence to Drive Cost Savings and Productivity in Uncertain Times
The shipping industry is undergoing a significant change with the influx of new vessels arriving just as the growth of trade is beginning to slow down
Climate change is increasingly affecting the production of beer ingredients
Unfulfilled Dreams: The Aftermath of China’s Stalled Real Estate Developments
Huawei on the Brink: Biden Administration Considers Cutting Off the Tech Giant”
Key Fire Industry Trends for 2023

Market Research Media

Streaming video, training, and gaming coming together to form a cohesive and diverse media and entertainment ecosystem
Turn Your Story into a Game: The Art of Gamifying Your Plot
The end of cheap money is redrawing the map of corporate earnings
The Future of Virtual Reality: How VR is Changing Industries
Market Research Media Survey: The State of Streaming Services
Media measurement services provide a holistic view of cross-media consumption
Gen Z ranks top in luxury sales

Secondary Sidebar

Technologies

The low tech unemployment rate and hiring activity confirms the long-term demand for tech talent
Virgin Orbit and SatRev Sign Launch Services Agreement
Harnessing the Power of Innovation for a Better Tomorrow
Breaking Down Silos: The Need for Cross-Sector Collaboration in Tackling Global Challenges
The SPIE Prism Awards recognized the best new optics and photonics products

Venture Capital

Gradient, a company specializing in eco-friendly heating and cooling solutions, has raised $18 million in a Series A funding round
The Importance of Diversity and Inclusion in the Workplace
Sequoia Capital announces its $195 Mln dedicated seed fund
Sublime Systems Secures $40 Million Series A to Electrify and Scale Decarbonized Cement Production
actyv.ai Raises Pre-Series A Funding to Fuel Global Expansion, Product Enhancement

Footer

Recent Posts

  • The Barcelona Cybersecurity Congress, 31 JANUARY – 2 FEBRUARY 2023, BARCELONA – GRAN VIA VENUE
  • Cybertech 2023 in Tel Aviv: Day 2, January 31, 2023
  • Protecting Your Privacy: A Look at the State of GDPR in the EU
  • Cybertech 2023 in Tel Aviv: Day 1, January 30, 2023
  • Identity has become the new attack surface
  • The Cybersecurity Risks of Automated Tutoring in Higher Education
  • The Cybersecurity Landscape in the Era of 5G: Challenges and Opportunities
  • The Hidden Dangers of Public USB Charging Ports: How to Protect Your Devices
  • How to encrypt and decrypt text messages with ChatGPT
  • The Impact of Artificial Intelligence on Cybersecurity

ESN

Kscope22, June 19-23 2022, Gaylord, Grapevine, Texas
Snorkel AI Hosts Second Annual The Future of Data-Centric AI Conference, August 3–4, 2022
Business Leaders will join Government and UN Chiefs to build forward better at UN Global Compact Leaders Summit
Illumina Genomics Forum, September 28 – October 1, 2022, San Diego
Rx and Illicit Drug Summit (Rx Summit), April 18-21 in Atlanta, GA

Calendarial

Day of the Dead, November 2
ETHDenver’s #BUIDLathon and Community-Owned Innovation Festival Returns in February 2023
Affective Computing and Intelligent Interaction will be held September 10-13 2023
All-You-Can-Eat Ice Cream Festival – Coming To Seattle Center August 27th & 28th
Privacy+Security Forum, November 2-4, 2022, Washington D.C.

Tech Events

DTX Europe 2021 taking place at the ExCeL London from 6-7 October 2021
Enterprise Connect, September 27-29, 2021, Gaylord Palms hotel, Orlando, Florida
Blockchaining 2023: The crypto world is facing a crisis of confidence
Fiber Connect 2021, July 25-28, Gaylord Opryland Resort & Convention Center, Nashville, Tennessee
DesignCon 2022, April 5-7, 2022, Santa Clara Convention Center, Santa Clara, CA

Event Calendar

The Cultural Transformation Business Summit, hosted by Epic Pivot, will take place on February 23, 2023 at The Wond’ry, Vanderbilt University’s Innovation Center
Auto China 2020: Hyundai Motor Shares Game-Changing Electrification Vision Driving Its Smart Mobility Transformation
NRF Big Show 2022, January 16-18, 2022, Javits Center, NYC
retailX 2021 conference and exhibition, August 24-25, 2021, McCormick Place Convention Center, Chicago
MAGHREB PHARMA Expo, the largest pharmaceutical technology tradeshow in Africa, 9 – 11 February 2021, Algiers International Conference Center

Copyright © 2022 CybersecurityMarket.com

Technologies, Market Analysis & Market Research

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT