Gartner® Report – Integrating Security Into the DevSecOps Toolchain

“As DevOps continues to gain popularity for rapid delivery and innovation of IT-enabled capabilities, concerns about security increase. Security and risk management leaders must adapt security tools, processes and policies to the DevOps toolchain without slowing the development and release process.”

Download this report from Gartner to read their recommendations on how to:

  • Work in consultation with application leaders to decide upfront which projects are a good fit for DevSecOps, based on business risk and regulatory requirements.
  • Adapt existing secure development life cycle tools into the DevOps process by “shifting them left” into small actionable steps that developers and I&O engineers can take quickly, and “shifting right” to automated tools and responses, such as in operations and security monitoring.
  • Make it as easy as possible for developers to be successful at secure coding, by emphasizing technology and support systems that integrate into their existing workflow, language and toolsets.
  • Reduce vulnerabilities by integrating into defect tracking workflow and matching the pace of security bug fixes to the pace of development.

 

Integrating Security Into the DevSecOps Toolchain- Gartner Report, By Mark Horvath, Neil MacDonald, Refreshed 4 March 2021, Published 15 November 2019.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Thank you

for filling out your information!