DevOps Security: Integrating Security into the DevOps Workflow
DOI:
https://doi.org/10.53555/ephijse.v10i1.233Keywords:
DevOps, software, Security, evolution, code analysisAbstract
DevOps has revolutionized software development by emphasizing collaboration and automation, but security often lags behind. DevSecOps, the integration of security into the DevOps workflow, is crucial for ensuring security without compromising speed. By embedding security practices at every stage, from planning to deployment, organizations can identify and mitigate risks early, reducing the likelihood of breaches. This approach requires cultural shifts, new tools, and continuous monitoring, but the benefits—improved security, software quality, and overall organizational resilience—make it essential for modern software development.
References
Tatineni, S. (2023). Compliance and Audit Challenges in DevOps: A Security Perspective. International Research Journal of Modernization in Engineering Technology and Science, 5(10), 1306-1316.
de Kock, J., & Ophoff, J. (2023, June). Critical success factors for integrating security into a DevOps environment. In 15th Dewald Roode Workshop on Information Systems Security Research. IFIP Working Group 8.11/11.13.
Morales, J. A., Yasar, H., & Volkmann, A. (2018). Weaving security into DevOps practices in highly regulated environments. International Journal of Systems and Software Security and Protection (IJSSSP), 9(1), 18-46.
Azad, N. (2023, November). DevOps Challenges and Risk Mitigation Strategies by DevOps Professionals Teams. In International Conference on Software Business (pp. 369-385). Cham: Springer Nature Switzerland.
Battina, D. S. (2017). Best practices for ensuring security in Devops: A case study approach. International Journal of Innovations in Engineering Research and Technology, 4(11), 38-45.
Yasar, H. (2017, August). Implementing Secure DevOps assessment for highly regulated environments. In Proceedings of the 12th International Conference on Availability, Reliability and Security (pp. 1-3).
McNierney, S. F. (2021). Securing DevOps Environments in the Cloud (Doctoral dissertation, Utica College).
Koskinen, A. (2019). DevSecOps: building security into the core of DevOps (Master's thesis).
Hsu, T. H. C. (2018). Hands-On Security in DevOps: Ensure continuous security, deployment, and delivery with DevSecOps. Packt Publishing Ltd.
Skurla, B. A. (2020). DevOps Integration of Security Practices.
Ur Rahman, A. A., & Williams, L. (2016, April). Security practices in DevOps. In Proceedings of the Symposium and Bootcamp on the Science of Security (pp. 109-111).
Verslegers, D. (2021). Research Findings in the Domain of Security
