Introducing Security Champions to the DevSecOps Life Cycle
A Gartner report estimated that 25% of Global 2000 organisations would be using DevOps and Agile development practices as part of their mainstream strategies. Our experience with Synopsys customers confirms this prediction has come true.
In Agile development, passes through the software development life cycle (SDLC) occur more often than in traditional development models. Some development teams complete an SDLC over the course of 2 weeks, while others complete one daily.
A traditional software security group (SSG) isn’t equipped to apply security activities to Agile development environments effectively. Applying security to agile processes requires the injection of security-related people, processes, and testing activities at a sprint tempo. This tempo leaves little time for security teams and resources to review the software, deliver information on security and quality defects, and retest without disrupting the workflow. Even if SSGs dedicate staff to each project (which is usually out of the question), there still isn’t enough local knowledge of each application to get everything done well.
This whitepaper will highlight how to inject security into Agile development by enlisting developers.
Click the link below to download the Introducing Security Champions to the DevSecOps Life Cycle Whitepaper
Send download link to: