Importance of DevSecOps in Next Generation Enterprise

By Gautam Khanna, Vice President and Head, Modernization Practice, Infosys

The COVID-19 pandemic taught a major lesson to all businesses that without business resilience enterprises cannot remain competitive in the market. And to stay relevant, they need systems that are flexible and nimble. Agile and DevOps play a critical role in building such systems and have spurred enterprise-wide adoption for quite some time. However, while DevOps brings benefits like improved time-to-market, superior quality, reduced effort, and cost; the outcomes are less than stellar when manual security testing is applied towards the end of the development cycle.

Despite the need for much faster time to market, enterprises cannot sacrifice application security at the altar of speed due to the rapidly rising losses due to fraud that run into billions of dollars every year.

Enterprises, therefore, are relying on integrating security in their DevOps strategy or in other words adopting DevSecOps to detect, prevent and mitigate cyberthreats. DevSecOps is a security management approach that integrates security considerations into the realm of DevOps. It focuses on embedding security practices early into the application lifecycle instead of keeping it at the tail-end of the release. DevSecOps implementation includes automation of engineering activities, removal of manual interventions, and building collaboration amongst security SMEs and DevOps teams.

Read this exclusive article as published in Global Security Magazine; one of the most popular online publications dedicated to information security in France, publishing news in both English and French.