Cloud 101CircleEventsBlog

Download Publication

The Six Pillars of DevSecOps - Pragmatic Implementation
The Six Pillars of DevSecOps - Pragmatic Implementation

The Six Pillars of DevSecOps - Pragmatic Implementation

Release Date: 12/14/2022

Working Group: DevSecOps

This document provides a high-level overview of the various tools and processes that should be considered when building out a successful DevSecOps program. It takes a wide range of DevSecOps activities and turns them into a cookbook for teams to reference when considering different approaches. It also is broken down to allow a reader with a specific role to hone in on the sections relevant to their area of expertise and responsibility. Follow-up papers will take this high-level overview, and provide specific guidance for various use-cases, as well as recommendations on which order to focus on implementation to see the greatest returns for the reader’s context. 
Download this Resource

Prefer to access this resource without an account? Download it now.

Agile Data Lake Threat Modeling
Agile Data Lake Threat Modeling
SaaS Governance Best Practices for Cloud Customers
SaaS Governance Best Practices for Cloud Customers
Recommendations for using a Customer Controlled Key Store
Recommendations for using a Customer Controlled...
Compromise Detection vs. Threat Detection: Why ‘Right of Boom’ Now
Compromise Detection vs. Threat Detection: Why ‘Right of Boom’ Now
Published: 05/30/2023
Four Things You Need to Know Before Building a Secure SDLC
Four Things You Need to Know Before Building a Secure SDLC
Published: 05/26/2023
5 Essential Components of a Cloud DLP Solution
5 Essential Components of a Cloud DLP Solution
Published: 05/23/2023
How Can 3DS Authentication Enhance My Payments Flow?
How Can 3DS Authentication Enhance My Payments Flow?
Published: 05/23/2023

Acknowledgements

Roupe Sahans
Roupe Sahans
DevSecOps Leader

Roupe Sahans

DevSecOps Leader

Leads DevSecOps activities for organisations embracing digital transformation.

Read more

Michael Roza
Michael Roza
Risk, Audit, Control, and Compliance Professional

Michael Roza

Risk, Audit, Control, and Compliance Professional

Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training