APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    DevSecOps : Enhanced Security Assurance

    With DevSecOps, vulnerabilities can be minimized by shifting security left in software delivery pipeline and bring security nearer to IT and business. In a recent XebiaLabs webinar, James Wickett discussed three principles for incorporating security  

    DevSecOps : Enhanced Security Assurance

    By

    Apac CIOOutlook | Thursday, January 01, 1970

    Stay ahead of the industry with exclusive feature stories on the top companies, expert insights and the latest news delivered straight to your inbox. Subscribe today.

    According to Verizon’s data breach report, utmost infringement occurs at an application level, and only three to four percent of annual security budget is granted for protecting applications. With DevSecOps, vulnerabilities can be minimized by shifting security left in software delivery pipeline and bring security nearer to IT and business.

    In a recent XebiaLabs webinar, James Wickett discussed three principles for incorporating security into complete DevOps lifecycle.

    With the help of bulkhead patterns, application dependants can be separated by the codes that are uniquely designed (the main idea behind this is to design for failure). All the elements of an application are to be isolated so that if one fails, the other can function properly. Bulkheads are put into little heads which are formed after splitting big services in the process of microservices movement. Though microservices have their limitations, they are great for security.

    Threat modeling illustrates the components that make applications work seamlessly in identifying the potential risks and mitigate the effects of threats to the system. Testing the vulnerabilities across all components of an application’s lifecycle can be done by few methods—adversity testing, Security as code, and vulnerability testing. Vulnerabilities can be identified by injecting advertising testing tools into the security pipeline. Metasploit, Nikto, and Arachni are the major hacking tools used by hackers to enter into the site for identifying weaknesses.

    DevSecOps strives to push security practices into software lifecycle so that assured security is derived. SAST (static application security testing), DAST (dynamic application security testing), and IAST (interactive application security testing) are the few applications used for testing vulnerabilities. These analyze the application behavior in the testing phase to help developers prioritize vulnerability findings.

    Continuous delivery of security is possible only when the main causes of vulnerabilities are evaluated, the results are integrated back into the software development process to avoid the repeated occurrence of the same mistake. Hiding information prolongs the exposure for vulnerabilities.

    DevSecOps shifts security from reactive to proactive that is supported by different techniques like test-driven development and attack driven defense. It champions the importance of security at every level and empowers security staff to make decisions that have a positive influence on business. DevSecOps is growing all the time, with an increasing number of organizations implementing it as a solution for security issues.

          Check out: Top Homeland Security Solution Companies

    More in News

    AI's Role in Apac's Digital Transformation Journey

    AI's Role in Apac's Digital Transformation Journey

    Influence of AI on Supply Chain Management

    Influence of AI on Supply Chain Management

    Role of Blockchain in Fostering a Trust-Based Economy

    Role of Blockchain in Fostering a Trust-Based Economy

    Revolutionizing Healthcare Through 5G Technology

    Revolutionizing Healthcare Through 5G Technology

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://www.apacciooutlook.com/news/devsecops-enhanced-security-assurance-nwid-5684.html