“DevSecOps” can be defined as integrating software security and compliance into the software development process, as opposed to bolting it on at the end as a separate testing phase. This is where the “shift left” terminology comes from: moving testing traditionally performed late in the development process to earlier phases. At a minimum, this approach aims to catch security issues as early as practical, minimizing the costly rework (and possibly redesign) that results from late discovery. It also emphasizes the inseparability of security from the development process. This article describes the background of the DevSecOps movement, its ecosystem, and a simple example process.

DeWayne Filppi

Software developer and architect
