Fortifying Processes Via Security Standards
System development has embraced practices and processes to continuously develop, integrate, deploy, and operate software capabilities and services - typically called DevOps. These practices require automated tools and technologies to streamline the processing pipeline and advance the pace and quality of information systems. Many domains (e.g., banking, medical, military, and government) require higher levels of security and safety incorporated into their DevOps practices. They integrate enhanced security as well as safety assessments and testing into those practices, thereby coining the term DevSecOps. The principles and practices of DevSecOps are generally understood. However, there are few technical standards to aid with portability or interoperability among implementations.
Help us identify the focus of future standards in this area to explore how they could help this market space and engage with influential organizations in the DevSecOps arena to improve the overall state of practice, integration, interoperability, and understanding across the industry.
Watch the March 2023 DevSecOps Info Day at your leisure.
If interested in helping drive this initiative, please contact [email protected].