Just when we thought we knew what we were doing with DevOps, it’s time for an even longer — and more challenging — term, DevSecOps. DevSecOps is scaled, enterprise-level DevOps where security is baked into every step of the process, shifting the entire SDLC left and creating a culture where everyone has a stake in quality and security.
This is the right time to talk about adding “Sec” into the DevOps mix because security breaches are at an all-time high. In the first quarter of 2019, over 1900 breaches were reported involving 1.9 billion records, according to a report from Risk-Based Security. That’s an increase of more than 50% year-over-year. It’s never been more important to ensure code safety. But it’s also never been more important to release code quickly. The tension between these two competing demands is real, and reflects the distinct — and often contentious — divide between developers and security pros.