DevSecOps Overview - yibinericxia/documents GitHub Wiki
Intro
DevSecOps is the methodology that integrates security into the whole life cycle of the software development and operations (DevOps).
Principles
- Shift left
implement security as early as possible
- Automation
use tools/flows as much as possible
- Continuous improvement
keep continuous efforts in improving existing flows and addressing new vulnerabilities
- Collaboration
security team, dev team, test team need to work together