With DevSecOps, part of the architecture can be captured as a code. Centralized configuration management and infrastructure are widely used as a code. Even the compliance and audit can and must be standardised in structured language.
Structured languages that are used to configure databases, firewalls, servers, applications, or containers, must be readable. Architectural standards, such as CIS benchmarks, are defined only once, and the code is automatically distributed and configured on all architectural components of specific type. A high degree of automation is critical parameter to security in agile environments. The DevSecOps toolkit provides a complete process of deploying and installing IT systems in a controlled manner.
Structured languages that are used to configure databases, firewalls, servers, applications, or containers, must be readable. Architectural standards are defined only once and evolving based on the need of internal or external customers, and the code is automatically distributed and configured on all architectural components of specific type. A high degree of automation is critical parameter to security in agile environments. The DevSecOps toolkit provides a complete process of deploying and installing IT systems in a controlled manner.
* Interaction between people is a must.
* Security must work as a Business enabler
@ -13,6 +13,6 @@ Structured languages that are used to configure databases, firewalls, servers, a
* Security is a priority for delivering high-quality software and architecture as a code.
* Security is functional requirement.
* Teams must share knowledge in information and cyber security for growth
* overall maturity of community resulting into guild.
* Overall maturity of community resulting into guild.
* Automation and security coding is a long-term goal for architecture as a code.
Marek Šottl
3 years ago
committed by
GitHub