In continuation of my previous blog on; DevOps:Advanced DevOps Practices/Processes-1:
Following are the some of the DevOps concepts, a Practitioner need to practice.
What is the goal of DevSecOps?
The goal of DevSecOps is to decrease time to market while cutting the costs of development and remediation, while improving overall application security.
How it can be performed ?:
If the appropriate, automated security vulnerability and configuration scanning tools are deployed, developers with varying skill sets and experience can find and fix security problems as they occur.
How to motivate developers?:
Teaching developers on secure coding practices is still essential, as it is monitoring and protecting the production environment.
How to achieve it?:
By integrating automated application security testing as part of the moving into DevSecOps practices, teams can complete a DevOps security checking that addresses the challenges associated with developing secure applications in agile environments.
How to apply checkpoints?:
There are tools to verify the above checks.
I have discussed some of the relevant points on this subject in the below video session: