Product development is headed towards agile development and faster release, while security practices still remain at the back end of the development workflow for many organizations. This problem can be resolved by making security tools, frameworks and infrastructure baked into the build pipeline to provide continuous security. This session will focus on the concept of "security pipeline," which allows every code change to go through a standard predefined set of security stages that are repeatable and consistent across organizations. It provides the ability to integrate all security software centrally in a plug and play mechanism and support complex real-world CI/CD requirements. With a DevSecOps automation workflow, it is easier to define metrics, data models and build indicators to drive compliance, traceability and business decisions. It provides capabilities that enables developers to easily consume security services based on their product profile.
DevOps World 2021