Publication Peer Review
The Six Pillars of DevSecOps - Collaboration and Integration
Open Until: 10/20/2023
The Cloud Security Alliance DevSecOps Working Group (WG) issued high-level guidance in “Information Security Management through Reflexive Security: Six Pillars in the Integration of Security, Development and Operations.” The six pillars are considered critical focus areas for implementing DevSecOps, with one of the recommended pillars on collaboration and integration during a security program. This pillar emphasizes the criticality of collaborating between all stakeholders in security, development, and operations to facilitate a harmonious and seamless workflow.
Effective collaboration and integration in DevSecOps involves realistically and sensibly making decisions that bolster joint efforts in the Software Development Lifecycle, optimizing the return on investment. The guidance in this pillar aims to help organizations establish a strong collaborative environment where security is not an isolated function, but an integral part of the DevOps workflows and processes. This will be accomplished by promoting regular, open, and proactive communication between all parties, ensuring that all stakeholders are involved, informed, and working towards a shared vision.
Peer review period has ended.